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(57) An electronic value amount of an electronic 
bank account and an electronic value amount stored in 
user identification module UIM in mobile station MS are 
each stored in an electronic bank server EBS, and up- 
dated by the server when either amount changes as a 
result of transaction. 
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Description 

Technical Field 

[0001] The present invention relates to an electronic 
value system for performing electronic transactions by 
utilizing electronic values. 

Background Art 

[0002] Various systems exist for performing cashless 
shopping. These systems utilize so-called electronic 
money (hereafter referred to as an electronic value). 
However, since an electronic value is comprised of data, 
there is a danger that such a value may be improperly 
used or manipulated by unauthorized persons posing 
as claimants or owners. It is therefore necessary to de- 
vise an operating system which is able to provide secu- 
rity for cashless transactions, and to prevent problems 
of misuse and fraud. 

[0003] However, in providing such a system a draw- 
back is encountered in that transactions become more 
complicated and time consuming, and less efficient. 

Disclosure of Invention 

[0004] The present invention has been made with a 
view to overcoming the above-mentioned problems, 
and has as its object the provision of a secure and effi- 
cient electronic value system which utilizes a communi- 
cation terminal and a server. 

[0005] To achieve these aims, the present invention 
provides an electronic value system which comprises of 
a plurality of communication terminals, acting as an 
electronic purse, each having a memory for storing an 
electronic value and a communication means for per- 
forming transmission and reception of the electronic val- 
ue to outside nodes. An electronic bank account holding 
means in a server on a network for accumulating elec- 
tronic values in an electronic bank account assigned to 
a user. A transfer means for transferring, via the net- 
work, an electronic value to a memory of one of the elec- 
tronic communication terminals from the electronic bank 
account holding means. A transaction log notification 
means which shows transaction details when a transac- 
tion using an electronic value by the communication ter- 
minal is performed. A purse balance information man- 
agement means, provided in the network, for memoriz- 
ing balance information of an electronic value stored in 
a memory of the communication terminal; and updating 
balance information of an electronic value related to a 
transaction log upon receiving a transaction log trans- 
mitted from a transaction log notification means. 
[0006] In accordance with the present invention, a 
purse balance information management means memo- 
rizes balance information of an electronic value in an 
electronic bank account and the balance information of 
the electronic value stored in a communication terminal 



functioning as an electronic purse; and updates balance 
information of the electronic value in the communication 
terminal when transaction contents change, thereby en- 
abling the detection of any improper transcription of the 
5 electronic value in a communication terminal. 

[0007] In the preferred embodiment of the present in- 
vention, the plurality of communication terminals in the 
electronic value system include a first communication 
terminal and a second communication terminal, each of 
10 which performs transmission and reception of an elec- 
tronic value. Wherein the first communication terminal 
transmits its own identification information and electron- 
ic value stored in the memory to the second communi- 
cation terminal; and the second communication terminal 
receives the identification information of the electronic 
value transmitted from the first communication terminal 
and transmits its own identification information to the 
first communication terminal; and wherein the transac- 
tion log notification means further transmits the electron- 
ic value amount for which transmission and reception 
are performed along with identification information of the 
first and second communication terminal from either the 
first communication terminal or the second communica- 
tion terminal, at least to the purse balance information 
management means as a transaction log; and the purse 
balance information management means updates bal- 
ance information of the electronic value based on the 
transmitted transacted log. 

[0008] In accordance with the system of the present 
invention, when the first communication terminal and 
the second communication terminal perform transmis- 
sion and reception of an electronic value between each 
other, the balance information of an electronic value 
stored in the communication terminal is updated in a 
transaction log provided by either the first communica- 
tion terminal or the second communication terminal. In 
other words, the transmission log can be transmitted by 
either one of the communication terminals whereby 
processing efficiency is improved. 
[0009] In the preferred embodiment of the present in- 
vention, the first communication terminal and the sec- 
ond communication terminal each include a log accu- 
mulation means for accumulating the transaction log re- 
lated to their own transaction, and when either the first 
communication terminal or the second communication 
terminal accumulates the transaction log equal in vol- 
ume to a storage capacity by the log accumulation 
means, transmission and reception of electronic value 
to outside nodes are not performed. 
[0010] Also, in another preferred embodiment, the 
first communication terminal and the second communi- 
cation terminal each comprise a log accumulation 
means for accumulating the transaction log related to 
their own transaction, and when either the first commu- 
nication terminal or the second communication terminal 
accumulates the transaction logs equal in volume to a 
memory capacity by the log accumulation means, the 
transaction logs having a date and time prior to that of 
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a current date and time are erased during a transaction 
in which a current transaction log is accumulated. 
[001 1 ] Further, in another preferred embodiment, the 
first communication terminal and the second communi- 
cation terminal comprise the log accumulation means 
accumulating the transaction log related to their own 
transaction, the transaction log notification means trans- 
mits the transaction log to the purse balance information 
management means when accumulating the transac- 
tion log equal in volume to a storage capacity by the log 
accumulation means in either the first communication 
terminal or second communication terminal at least. 
[0012] In the various embodiments of electronic value 
system, described above, for example, the communica- 
tion terminal is a mobile communication terminal stored 
in a mobile network, the network is a mobile network, 
and the first communication terminal and second com- 
munication terminal can communicate by radio. Also, a 
memory of the communication terminal may be an IC 
card installed in the communication terminal. Also, the 
communication terminal may attach a transmission date 
and time to the electronic value when transmitting the 
electronic value. Also, the communication terminal may 
provide a security means for performing electronic au- 
thentication, encryption and decryption by using a key 
for the electronic value, and an update means to update 
the key regularly when performing transmission and re- 
ception of the electronic value. 

[0013] Also, the present invention provides an elec- 
tronic value system for performing transmission and re- 
ception of an electronic value between the first commu- 
nication terminal and the second communication termi- 
nal, wherein the first communication terminal includes 
electronic value system comprising a memory for stor- 
ing the electronic value, identification information of the 
issuer who issued the electronic value, and a digital sig- 
nature provided by the issuer to the identification infor- 
mation, and a transmission means for transmitting the 
identification information of the issuer and a digital sig- 
nature with the stored electronic value to the second 
communication terminal, with the second communica- 
tion terminal including an electronic value system com- 
prising a receiving means for receiving identification in- 
formation of the issuer and a digital signature, and a con- 
firmation means for confirming validity of the first com- 
munication terminal by verifying the received digital sig- 
nature, and by confirming that the electronic value trans- 
mitted from the first communication terminal is issued 
by the issuer. 

[0014] In a related system, when the first communi- 
cation terminal and the second communication terminal 
perform reception and transmission of an electronic val- 
ue between each other, on one hand, the first commu- 
nication terminal adds identification information and a 
digital signature of the issuer to the electronic value for 
transmission. On the other hand, a second communica- 
tion terminal confirms the correctness of the received 
electronic value by verifying identification information of 



issuer and digital signature. The correctness of the elec- 
tronic value will be confirmed only between the two com- 
munication terminals whereby improved security and ef- 
ficiency for an electronic value can be obtained. Also, 

5 when the first communication terminal and the second 
communication terminal perform reception and trans- 
mission of an electronic value between each other, on 
one hand, the first communication terminal adds identi- 
fication information and a digital signature of the issuer 

10 to the electronic value for transmission. On the other 
hand, a second communication terminal confirms the 
correctness of the received electronic value by verifying 
identification information of issuer and digital signature. 
The correctness of the electronic value will be confirmed 

'5 only between the two communication terminals whereby 
improved security and efficiency for an electronic value 
can be obtained. 

[0015] In the preferred embodiment, the second com- 
munication terminal comprises a memory for storing the 

20 electronic value, identification information of the issuer 
who issued the electronic value, and a digital signature 
transmitted by the issuer for the identification informa- 
tion, and a transmission means for transmitting identifi- 
cation information of the issuer stored previously and a 

25 digital signature to the first communication terminal fur- 
ther, and the first communication terminal comprises an 
obtaining means for obtaining a digital signature provid- 
ed by the issuerto identification information of the issuer 
in a memory of the second communication terminal, and 

30 the identification information before transmitting the 
electronic value to the second communication terminal, 
and a confirmation means for confirming authenticity of 
the second communication terminal by verifying the ob- 
tained digital signature, and by confirming that the elec- 

35 tronic value in memory of the second communication 
terminal is issued by the issuer. 

[0016] Also, in the electronic value system, the first 
communication terminal and the second communication 
terminal include a log accumulation means for accumu- 

40 lating the transaction log related to their own transac- 
tion, and either the first communication terminal or the 
second communication terminal transmits the accumu- 
lated transaction log to outside nodes managing bal- 
ance information of electronic value which the first orthe 

45 second communication terminal memorizes when accu- 
mulating the transaction log equal in volume to a storage 
capacity by the log accumulation means. 
[0017] Also, the first communication terminal and the 
second communication terminal may perform transmis- 

50 sion and reception of the electronic value by radio. Ei- 
ther of the first communication terminal or the second 
communication terminal may be a mobile communica- 
tion terminal provided in a mobile network. In addition, 
the second communication terminal may be installed in 

55 a vending machine. Also, the communication terminals 
may attach a transmissio n date and time to the electron- 
ic value when transmitting the electronic value. Further, 
the communication terminal may include a security 
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means for performing a process of electronic certifica- 
tion, encryption and decryption by using a key for the 
electronic value; and an update means for regularly up- 
dating the key when performing transmission and recep- 
tion of the electronic value. 

[001 8] Also, the present invention provides a commu- 
nication terminal providing a memory for storing an elec- 
tronic value which is electronic money information and 
its own identification information therefor, a communi- 
cation means for performing transmission and reception 
of the electronic value between outside nodes, an iden- 
tification information exchange means for providing its 
own identification information stored in the memory to 
the outside nodes, and to obtain identification informa- 
tion of the outside nodes from the outside nodes, and a 
log accumulation means, as a transaction log, for accu- 
mulating the electronic value amount whose transmis- 
sion and reception are performed between the outside 
nodes, the identification information, and identification 
information of the outside nodes. 
[0019] In the preferred embodiment, a communica- 
tion terminal does not perform transmission and recep- 
tion of the electronic value between the outside nodes 
when it accumulates a transaction log equal in volume 
to a storage capacity of the memory accumulation 
means. 

[0020] In this case, when a communication terminal 
accumulates the transaction log equal in volume to a 
storage capacity of the log accumulation means, the ac- 
cumulated transaction log with an older transmission 
date and time may be erased in transmission and re- 
ception of the electronic value after accumulating the 
transaction log. Also, a communication terminal may 
transmit the accumulated transaction log to an outside 
device for confirming authenticity for transmission and 
reception of the electronic value by using the transaction 
log before erasing the accumulated transaction log. 
[0021] In the preferred embodiment, a communica- 
tion terminal includes a security means for performing 
a process of electronic authentication, encryption and 
decryption by using a key for the electronic value; and 
an update means for updating regularly the key when 
performing transmission and reception of the electronic 
value. Also, in another preferred embodiment, when a 
communication terminal transmits the electronic value 
to the outside nodes, the communication terminal at- 
taches the transmission date and time to the electronic 
value. Further, in another preferred embodiment, the 
communication means performs transmission and re- 
ception of the electronic value between outside nodes 
by radio. The communication terminal is a mobile com- 
munication terminal stored in a mobile network, and the 
memory is an IC card installed in the communication ter- 
minal. 

[0022] Also, the present invention provides a commu- 
nication terminal including a memory for storing an elec- 
tronic value which is electronic money information; iden- 
tification information of an issuer of the electronic value, 



and a digital signature provided by the issuer to the iden- 
tification information; a communication means for per- 
forming transmission and reception of the electronic val- 
ue between outside nodes; an attachment means for at- 

5 taching identification information of the issuer and the 
digital signature to electronic value transmitted to the 
outside nodes by the communication means, and a con- 
firmation means for confirming authenticity of the elec- 
tronic value by verifying identification information of the 

10 issuer to be attached to the electronic value received 
from the outside nodes by the communication means, 
and the digital signature. 

[0023] In the preferred embodiment, the communica- 
tion terminal includes a security means for performing 
15 a process of electronic authentication, encryption and 
decryption of the electronic value by using a key; and 
an update means for regularly updating the key when 
performing transmission and reception of the electronic 
value. 

20 [0024] When a communication terminal transmits the 
electronic value to the outside nodes, a communication 
terminal may attach a transmission date and time to the 
electronic value. The communication means may per- 
form transmission and reception of the electronic value 

25 between the outside nodes by radio. The communica- 
tion terminal is, for example, a mobile communication 
terminal stored in a mobile network, and the memory is 
an IC card installed in the communication terminal. 
[0025] Also, the present invention is a server for mem- 

30 orizing electronic value which is electronic money infor- 
mation, and provides a transfer means for transferring 
electronic value accumulated by the electron ic bank ac- 
count holding means via the network to an electronic 
bank account holding means for accumulating the elec- 

35 tronic value into an electronic bank account assigned to 
user, a memory for storing the electronic value and a 
communication terminal holding a communication 
means for performing transmission and reception of the 
electronic value between the outside nodes; and a purse 

40 balance information management means for memoriz- 
ing balance information of electronic value stored in a 
memory of the communication terminal; and a log ob- 
taining means for obtaining a transaction tog showing 
details of a transaction by using the electronic value in 

45 the communication terminal via the network from the 
communication terminal; and a purse balance informa- 
tion update means for updating balance information of 
the electronic value memorized by the purse balance 
information memory means on a basis of the obtained 

50 transaction log. 

[0026] In the preferred embodiment, the server com- 
prises an electronic authentication means for giving an 
electronic authentication by a key which the server 
memorizes for the transmitted electronic value informa- 

55 tion. 
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Brief Description of the Drawings 
[0027] 

Fig 1 is a block diagram illustrating the configuration 5 
of the overall system according to the embodiment 
of the present invention. 

Fig 2 is a block diagram illustrating the configuration 
of an electronic bank server according to the em- 
bodiment of the present invention. io 
Fig 3 is a diagram explaining memory content of the 
database in an electronic bank server according to 
the embodiment of the present invention . 
Fig 4 is a diagram explaining a memory content of 
the database in an electronic bank server according 15 
to the embodiment of the present invention . 
Fig 5 is a diagram explaining memory content of the 
database in an electronic bank server according to 
the embodiment of the present invention . 
Fig 6 is a block diagram illustrating the configuration 20 
of a mobile station according to the embodiment of 
the present invention . 

Fig 7 is a diagram explaining memory content of 
UIM according to the embodiment of the present 
invention . 25 
Fig 8 is a diagram explaining memory content of 
UIM according to the embodiment of the present 
invention . 

Fig 9 is a diagram explaining memory content of 
UIM according to the embodiment of the present 30 
invention . 

Fig 10 is a block diagram explaining memory con- 
tent of a prepaid card according to the embodiment 
of the present invention . 

Fig 11 is a block diagram explaining memory con- 35 
tent of a prepaid card according to the embodiment 
of the present invention . 

Fig 12 is a block diagram explaining the operation 
of opening an electronic bank account. 
Fig 1 3 is a sequence diagram illustrating the oper- 40 
ation of the overall system according to the embod- 
iment of the present invention . 
Fig 14 is a sequence diagram illustrating the oper- 
ation of the overall system according to the embod- 
iment of the present invention . 45 
Fig 15 is a sequence diagram illustrating the oper- 
ation of the overall system according to the embod- 
iment of the present invention . 
Fig 1 6 is a sequence diagram illustrating the oper- 
ation of the overall system according to the embod- 50 
iment of the present invention . 
Fig 1 7 is a sequence diagram illustrating the oper- 
ation of the overall system according to the embod- 
iment of the present invention . 

Fig 18 is a sequence diagram illustrating the oper- 55 
ation of the overall system according to the embod- 
iment of the present invention . 
Fig 1 9 is a block diagram illustrating the configura- 



tion of the overall system according to the embodi- 
ment of the present invention in an application ex- 
ample. 

Best Mode for Carrying Out the Invention 

[0028] Embodiments of the present invention will be 
described with reference to the drawings. 
[0029] In this embodiment, an electronic bank ac- 
count for each user at an electronic bank provided on a 
network is opened, and a mobile station which each user 
owns is used as an electronic purse. A function of elec- 
tronic authentication, encryption and decryption based 
on RSA public key encryption system of PKI base (Pub- 
lic Key Infrastructure) should be activated in an ex- 
change for this electronic value. 

A: Configuration 

[0030] At first, the configurations of this embodiment 
will be described. 

[0031 ] Fig 1 is a block diagram illustrating the config- 
uration of the overall system according to the embodi- 
ment of the present invention. As shown in this figure, 
this system is configured by mobile station MS, mobile 
network MN, prepaid card PC, electronic bank server 
EBS, banking system BS, internet INET, registration au- 
thority server RA, certificate authority server CA, and di- 
rectory server DS. 

[0032] Prepaid card PC is a non-contact IC card for 
storing electronic value Information. This prepaid card 
PC comprises a function for transmitting stored elec- 
tronic value information to the outside nodes by radio, 
and functions as an electronic purse for a user. In this 
embodiment, for example, infrared rays like IrDA (Infra- 
red Data Association) and the like are used. 
[0033] Mobile station MS is, for example, acellulartel- 
ephone, and performs sound communication and data 
communication via mobile network MN. This mobile sta- 
tion MS installs an IC card memorizing electronic value 
information, and performing input and output with regard 
to electronic value. This IC card will be referred to as 
UIM (User Identity Module) 1 hereafter. A user can op- 
erate this mobile station MS as an electronic purse by 
attaching this UIM1 to mobile station MS. 
[0034] Concretely, the mobile station MS reads out 
electronic value information in UIM1 , and actualizes var- 
ious transactions by exchanging this information with 
outside nodes. There are two forms of exchange for this 
electronic value; 

1 . Performing transmission and reception of elec- 
tronic value information to an electronic bank server 
or other mobile stations via mobile network, 

2. Performing transmission and reception of elec- 
tronic value information transmitted from prepaid 
card PC by infrared rays. 
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[0035] The mobile network MN comprises a mobile 
base station MBS and an exchange station not shown 
here, and provides sound communication service and 
data communication service to the mobile station MS. 
This mobile network MN is connected to internet INET 
via gateway device not shown here. 
[0036] An electronic bank server EBS is connected to 
a mobile network MN and a bank system BS installed in 
a bank (not shown here) by a private line. A virtual bank 
account (hereafter referred to as Electronic Bank Ac- 
count) assigned to each user is opened in this electronic 
bank server EBS. The electronic bankserver EBS mem- 
orizes electronic value information, such as an electron- 
ic bank account number to specify electronic bank ac- 
count and balance information of electronic value in the 
electronic bank account, and performs a process for de- 
positing, withdrawing and transferring electronic value 
and the like in the electronic bank account in response 
to a request from mobile station MS. 
[0037] Also, the electronic bank server EBS memo- 
rizes an electronic bank account , and the balance in- 
formation of electronic value in an electronic purse, such 
as a mobile station MS and a prepaid card PC; and up- 
dates balance information by notifying the electronic 
bank server EBS from the electronic purses. According- 
ly, an electronic bank server EBS can detect incorrect 
transcriptions by comparing the balance information 
which the electronic bank server EBS memorizes in 
case the electronic value is transcribed incorrectly on 
the electronic purse , such as a mobile station MS and 
a prepaid card PC. 

[0038] The Certificate authority server CA is a well- 
known server which issues an electronic authentication 
of standard X509 -based on RSA public key encryption 
system, and is connected to the Internet INET Con- 
cretely, the certificate authority server CA generates a 
public key certificate when a digital signature is given to 
guarantee correctness for a private key of each node in 
response to an issuing request of a public key certificate 
transmitted from each node on a network. As this digital 
signature is performed by a private signature key which 
the certificate authority server CA owns, each node 
which obtains a public key certificate decrypts this public 
key certificate by using the public key of the certificate 
authority server CA. As each node encrypts the data by 
a public key of the certificate authority server CA, and 
transmits it to the certificate authority server C A, the cer- 
tificate authority server CA memorizes a private decryp- 
tion key to decrypt this encrypted message. 
[0039] The Directory server DS is a well-known server 
storing a public key certificate generated by the certifi- 
cate authority server CA and CRL (Certificate Revoca- 
tion List) for the public key certificate, and connected to 
the Internet INET The directory server DS functions to 
search among public key certificates stored in the direc- 
tory server DS a public key certificate requested by any 
of each nodes, and to distribute the same. 
[0040] In this embodiment, a public key for mobile sta- 



tion MS and electronic bank server EBS receive an is- 
sue of public key certificate from the certificate authority 
server CA. Accordingly, a node which should be a com- 
munication partner for the mobile station MS and an 
5 electronic bank server EBS can confirm whether a third 
party pretends to be a communication partner or not by 
obtaining a public key certificate from the directory serv- 
er DS, and verifying the digital signature. 
[0041 ] The Registration authority server RA is a serv- 
er provided on the Internet INET, and accepts an appli- 
cation of opening an electronic bank account by a user, 
and performs a process with regard to the opening of 
an electronic bank account by cooperating with the elec- 
tronic bank server EBS, the certificate authority server 
CA and the directory server DS. 
[0042] The registration authority server RA memoriz- 
es a private signature key and an encryption certificate 
for CA. A private signature key is a key which gives a 
digital signature to data which the registration authority 
server RA should transmit to outside nodes and this key 
prevents a third party from pretending to be the regis- 
tration authority server RA. Also, an encryption certifi- 
cate for CA is a certificate for a public key to encrypt 
data which should be transmitted to the certificate au- 
thority server CA. An encrypted message of an encryp- 
tion certificate for CA is decrypted by a private decryp- 
tion key which the certificate authority server CA owns. 
This key prevents a third party from intercepting the data 
and transmitting to the certificate authority server CA. 

(2) Configuration of electronic bank server EBS 

[0043] Next, the electronic bank server EBS will be 
described with reference to the block diagram shown in 
Fig 2. 

[0044] As shown in Fig 2, the electronic bank server 
EBS is configured by the communication unit 11, the 
control unit 12, the database 13, and bus 14 which con- 
nects these mutually. 

[0045] The communication unit 11 comprises a con- 
nection interface with Internet INET (not shown here) 
and a communication control circuit (not shown here). 
This communication unit 31 performs data communica- 
tion with the certificate authority server CA and the di- 
rectory server DS via a mobile network MN and the in- 
ternet INET, and with a mobile station MS via a mobile 
network MN. 

[0046] The Control unit 12 is configured by the CPU 
(Central Process Unit) not shown here, ROM (Read On- 
ly Memory), RAM (Random Access Memory), and con- 
trols the overall electronic bank server EBS. 
[0047] As shown in Fig 3, a private signature key, a 
private decryption key, a CA signature verification cer- 
tificate, and an electronic value information are memo- 
rized in Database 13. 

[0048] A private signature key is a private key which 
gives a digital signature to data which is to be transmit- 
ted to the outside nodes from the electronic bank server 
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EBS. A public key corresponding to this private signa- 
ture key is registered in the directory server DS after a 
certificate is issued by the certificate authority server 
CA. 

[0049] A private decryption key is a private key to de- 
crypt an encrypted message received from an electronic 
bank server EBS. A public key corresponding to this pri- 
vate key is registered in the directory server DS after a 
certificate is issued by the certificate authority server 
CA. 

[0050] A CA signature verification certificate is a cer- 
tificate for a public key to verify a digital signature which 
the certificate authority server CA gives to various cer- 
tificates with a private key. As this CA signature verifi- 
cation certificate is registered in the directory server DS, 
the electronic bank server EBS can obtain this certificate 
by accessing the directory server DS. 
[0051 ] The Electronic value management information 
is information which manages electronic value informa- 
tion stored in a mobile station MS, and electronic value 
information stored in a prepaid card PC. 
[0052] Fig 4 is a diagram explaining the electronic val- 
ue management information to manage electronic value 
information stored in UIM1 in the mobile station MS. As 
shown in this figure, the electronic value management 
information comprises electronic bank ID, electronic 
bank account number, electronic value amount in an 
electronic bank account, the electronic value amount in 
UIM, a time stamp at update of electronic value amount, 
current value amount in electronic bank account, current 
value amount in UIM, a time stamp at update of current 
electronic value amount, and electronic value update 
history. 

[0053] The Electronic bank ID is identification infor- 
mation for an electronic bank server EBS which issued 
the electronic value. 

[0054] The Electronic bank account number is the 
identification information to specify each electronic bank 
account. 

[0055] The Electronic value amount in an electronic 
bank account is the balance information of the electronic 
value in an electronic bank account when a mobile sta- 
tion MS accesses an electronic bank server EBS at 
transaction end. 

[0056] The Electronic value amount in UIM is the bal- 
ance information of the electronic value in UIM1 when 
the mobile station MS accesses the electronic bank 
server EBS at transaction end. 

[0057] A time stamp at the update of electronic value 
is information for showing date and time when the elec- 
tronic value amount in UIM is updated, and issued by 
the electronic bank server EBS. An incorrect retransmis- 
sion of electronic value will be discovered by using this 
time stamp as described later. 

[0058] The current electronic value amount is the cur- 
rent balance information of electronic value in an elec- 
tronic bank account. 

[0059] The current electronic value in UIM is the bal- 



ance information of electronic value which should be re- 
flected on UIM 1 . As described later, when an exchange 
of electronic value is performed between the mobile sta- 
tions MS without an electronic bank server EBS , a trans- 

5 action log is notified to the electronic bank server EBS 
from either one of mobile stations MS after exchanging 
electronic value. When this notification is made, the 
electronic value amount which should be stored in both 
mobile stations MS is calculated. The Electronic value 

10 amount which should be reflected on UIM1 in the mobile 
station MS which does not communicate with the elec- 
tronic bank server EBS corresponds to current electron- 
ic value amount in this UIM. 

[0060] A time stamp at the update of current electronic 
15 value amount proves the date and time which the cur- 
rent electronic value amount in an electronic bank ac- 
count and the current electronic value amount in UIM 
are updated. An incorrect retransmission of electronic 
value will be discovered by using this time stamp de- 
20 scribed later. 

[0061] The Electronic value update history is an up- 
dated history of an electronic value amount in UIM at 
the point the mobile station MS last accesses the elec- 
tronic bank server EBS. 
25 [0062] Next, the electronic value management infor- 
mation to manage electronic value information stored in 
a prepaid card PC will be described with reference to 
Fig 5. The different points of electronic value information 
between Fig 4 and Fig 5 are that prepaid card PC is the 
30 object as an electronic purse instead of UIM1 , and the 
prepaid card ID is used instead of an electronic bank 
account number. Thus, the electronic value manage- 
ment information of UIM1 and a prepaid card PC in an 
electronic bank server EBS is different. The UIM1 cor- 
35 responds to a fixed, one-to-one electronic bank account 
and a prepaid card on the contrary is transferable, and 
therefore manages an electronic value by using prepaid 
card IDs, and not by a prepaid card PC corresponding 
to an electronic bank account. 

40 

(3) Configuration of mobile station MS 

[0063] Next, the configuration of mobile station MS 
will be described with reference to Fig 6. 
45 [0064] As shown in this figure, the mobile station MS 
is configured by radio communication unit 2, control unit 
3, user interface 4, UIM1, infrared communication unit 
5; and bus 6. Bus 6 connects these mutually. 
[0065] Radio communication unit 2 comprising an an- 
50 tenna (not shown here) and a communication control cir- 
cuit, performs radio communication with the mobile 
base station MBS in the mobile network MN. Also, the 
infrared communication unit 5 performs infrared com- 
munication with the prepaid card PC. 
55 [0066] The control unit 3 is configured by CPU, ROM 
and RAM (not shown here), and controls overall the mo- 
bile station MS. The mobile station MS has a function 
which performs sound communication and data com- 
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munication; and processes electronic value. A user can 
change these functions depending on the purpose. The 
control unit 3 controls each part of the mobile station 
MS. With regard to the electronic value process, control 
unit 3 performs a process of electronic authentication, 
through encryption and decryption, which also involves 
generating and verifying a time stamp and managing a 
private key and a public key certificate. 
[0067] User interface 4 comprises a crystal panel to 
display various information, a keypad for a user to per- 
form an input operation, and a microphone and a speak- 
er for a user to make a call. 

[0068] With reference to Fig 7, the data to be memo- 
rized in UIM1 will be described. As shown in this figure, 
a private signature key, a private decryption key, an EB 
signature verification certificate, an encryption certifi- 
cate for EB, a CA signature verification certificate, a user 
ID, and an electronic value information are memorized 
in UIM1. 

[0069] The Private signature key is a private key 
which provides a digital signature to data which the mo- 
bile station MS transmits to outside nodes. By providing 
the digital signature to the data transmitted to the out- 
side nodes, a third party is prevented from posing to be 
a user of the mobile station MS 

[0070] The Private decryption key is a private key 
which decrypts an encrypted message received by the 
mobile station MS. Thus, preventing a third party from 
intercepting a message at the time when the encrypted 
message is transmitted to the mobile station MS. 
[0071] The EB signature verification certificate is a 
certificate for a public key to verify a digital signature 
which is signed by the electronic bank server EBS. 
Since the electronic bank server EBS provides the dig- 
ital signature to the data for the mobile station MS, a 
third party is prevented from posing to be the electronic 
bank server EBS. 

[0072] The Encryption certificate f or E B is a certificate 
for a public key to encrypt data transmitted to the elec- 
tronic bank server EBS. That is to say, intercepting by 
a third party is prevented as the data to be transmitted 
to the electronic bank server EBS is encrypted. 
[0073] The CA signature verification certificate is a 
certificate for a public key to verify a digital signature 
which the certificate authority server CA gives to various 
certificates. Thus, reliability of a certificate issued by 
certificate authority server CA is guaranteed. 
[0074] The User ID is identification information which 
specifies a user of the mobile station MS. 
[0075] Next, as shown in Fig 8, the electronic value 
information comprises an electronic bank ID; an elec- 
tronic purse type; an electronic bank account number, 
an electronic bank signature SGN1 , an electronic value 
amount in the electronic bank account, an electronic val- 
ue amount in the UIM; a time stamp at update of the 
electronic value amount, an electronic bank signature 
SGN2, the current electronic value amount; and an elec- 
tronic value update history. 



[0076] The Electronic bank ID is described above. 
[0077] The Electronic purse type is information which 
shows whether an electronic purse for storing electronic 
value information is UIM1 or a prepaid card PC. 
5 [0078]* The Electronic bank account number is de- 
scribed above. 

[0079] The Electronic bank signature SGN1 is a dig- 
ital signature given by the electronic bank server EBS 
to guarantee that the electronic bank ID, the electronic 

10 purse type, and the electronic bank account number de- 
scribed above are not manipulated. 
[0080] The Electronic value amount in the electronic 
bank account is the balance information of the electronic 
value in the electronic bank account when the mobile 

15 station MS accesses electronic bank server EBS at 
transaction end. 

[0081] The Electronic value amount in the UIM is the 
balance information of the electronic value in the UIM1 
when the mobile station MS accesses electronic bank 

20 server EBS at transaction end. 

[0082] A time stamp at the update of the electronic 
value amount shows the date and time of the update of 
the electronic value amount in the UIM, and this is is- 
sued by electronic bank server EBS. 

25 [0083] The Electronic bank signature SGN2 is a dig- 
ital signature given by the electronic bank server EBS 
to guarantee that the electronic bank ID, the electronic 
purse type, the electronic bank account number, the 
electronic value amount in the electronic bank account, 

30 the electronic value amount in the UIM, and a time 
stamp at update of electronic value amount described 
above are not manipulated. 

[0084] The Current electronic value amount is the bal- 
ance information of the electronic value which the UIM1 

35 memorizes at the time of the current transaction. 

[0085] The Electronic value update history is an up- 
dated history of the electronic value in the UIM from the 
point when mobile station MS last accesses electronic 
bank server EBS. 

40 [0086] Fig 9 is a diagram showing the detailed con- 
tents of the electronic value update history. 
[0087] As shown in this figure, the electronic value up- 
date history comprises the recipient electronic bank ac- 
count number, the payer electronic bank account 

45 number, the payer prepaid card I D, the transacted value 
amount, and the digital signature of a transaction part- 
ner. 

[0088] A recipient electronic bank account number is 
an electronic bank account number of a user who re- 
50 ceives electronic value in transaction. A payer electronic 
bank account number is an electronic bank account 
number of the user who pays electronic value in trans- 
action. 

[0089] Also, when a user of electronic money is a pre- 
ss paid card PC, a payer prepaid card ID is registered as 
an updated history. 

[0090] A Transacted value amount is the electronic 
value amount to be transacted; and a digital signature 
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of a transaction partner is a digital signature which the 
mobile station MS gives to guarantee that the recipient 
electronic bank account number, the payer electronic 
bank account number, the payer prepaid card ID, and 
the transacted value amount are not manipulated. 
[0091] The Mobile station MS transmits electronic val- 
ue update history, as described above, to the electronic 
bank server EBS after transactions. 

(3) Configuration of Prepaid Card PC 

[0092] Next, the data to be stored in a prepaid card 
PC will be described. Fig 10 is a diagram which shows 
the data that is to be stored in a prepaid card PC. As 
shown in this figure, the EB signature verification certif- 
icate, the encryption certificate for EB, the CA signature 
verification certificate, and the electronic value informa- 
tion are memorized in a prepaid card PC. The EB sig- 
nature verification certificate, the encryption certificate 
for EB, and the CA signature verification certificate are 
common information which the UIM1 memorizes, so the 
explanations will be omitted. 

[0093] Also, a private signature key and a private de- 
cryption key are memorized in the UIM1, but not in a 
prepaid card PC. Unlike the mobile station MS, a user 
who owns a prepaid card PC is officially authorized as 
the proper owner. Because a prepaid card is transfera- 
ble, a digital signature to prevent a third party from pre- 
tending to be the owner is not required to be performed, 
or the data for electronic value information transmitted 
to the prepaid card PC is not required to be transmitted 
as an encrypted one. 

[0094] Next, the electronic value information in a pre- 
paid card PC will be described with reference to Fig 11 . 
As shown in this figure, the electronic value information 
comprises the electronic bank ID, the electronic purse 
type, the prepaid card ID, the electronic bank signature 
SGN3, the electronic value amount in a prepaid card, a 
time stamp at update of electronic value amount, the 
electronic bank signature SGN4, the current electronic 
value amount and the electronic value update history. 
[0095] The electronic value information in the prepaid 
card is different from the one in the UIM1 as follows; 
the electronic value in the prepaid card PC is used as 
the object instead of the electronic value in UIM1 ; and 
the electronic value amount in an electronic bank ac- 
count is not memorized in this prepaid card. 
[0096] That is to say, a prepaid card PC does not cor- 
respond to the electronic bank account of a user in a 
fixed way as it is transferable among users. Accordingly, 
a prepaid card PC does not memorize an electronic val- 
ue amount in the electronic bank account . 
[0097] Also, the electronic value update history 
shown in Fig 1 1 is common information to electronic val- 
ue update history in UIM1 shown in Fig 9 except that the 
electronic value information is recorded in the prepaid 
card and not in the UIM, so explanation thereof will be 
omitted. 



B: Operation 

[0098] Next, the operation of the embodiment com- 
prising the above configurations will be described. 
5 [0099] (1) Opening of a electronic bank account, (2) 
Continuation of the electronic bank account, (3) Deposit 
and withdrawal of an electronic value, (4) Exchange be- 
tween electronic purses, and (5) Transfer of the elec- 
tronic value will be described as below. 

10 

(1 ) Opening of electronic bank account 

[0100] Fig 12 is a sequence diagram showing an op- 
eration of the overall system when an electronic bank 

*5 account is opened. 

[0101] At first, a user goes to the registration authority 
(not shown here) where the registration authority server 
RA is installed, and notifies necessary information to 
open an electronic bank account, such as a name, ad- 

20 dress, password and telephone number for the mobile 
station MS, and bank account number for the bank ac- 
count which deposits electronic value to an operator. 
The operator inputs such information into the registra- 
tion authority server RA. 

25 [01 02] The Registration auth ority server R A transmits 
the input information to the electronic bank server EBS, 
and requests the electronic bank server EBS to open an 
electronic bank account. (Step SZ1) 
[0103] The Electronic bank server EBS inquires of the 

30 bank system BS whether a user has a bank account or 
the ability to pay, and opens a temporary electronic bank 
account when the above things are confirmed. (Step 
SZ2) At this moment, an electronic bank account 
number is issued, and the expiry date is set forthe elec- 
ts tronic bank account. 

[01 04] Next, the electronic bank server EBS transmits 
the electronic bank account number and expiry date for " 
an electronic bank account to the registration authority 
server RA. (Step SZ3) 

40 [0105] When the registration authority server RA re- 
ceives the electronic bank account number and the ex- 
piry date forthe electronic bank account, a pair key (That 
is to say, a pair of a private key and a public key) corre- 
sponding to a user is generated accordingly. This pair 

45 key consists of 2 types ; 

a pair key for digital signature and verification of data 
which should be transmitted to the electronic bank serv- 
er EBS from the mobile station MS and; a pair key for 
encryption and decryption of data which should be 

50 transmitted to the mobile station MS from the electronic 
bank server EBS. The expiry date for this pair key is the 
same as the one for the electronic bank account num- 
bers. 

[0106] The registration authority server RA transmits 
55 a public key to verify a digital signature, and a public key 
to encrypt a digital signature among generated pair keys 
with electronic bank account numbers to the certification 
authority server CA, and requests the certification au- 
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thority server CA to issue public key certificates with re- 
gard to these pair keys. (Step SZ4) 
[0107] Accordingly, the certification authority server 
CA issues public key certificates for digital signature ver- 
ification and encryption, and registers these certificates 
with the directory server DS by correlating with the elec- 
tronic bank account numbers. (Step SZ5) 
[0108] On the other hand, the electronic bank server 
EBS accesses the_Directory server DS, and confirms 
that public key certificates for digital signature verifica- 
tion and encryption are registered by searching, as a 
clue, an electronic bank account. (Step SZ6) At this mo- 
ment, a communication which security is guaranteed 
between electronic bank server EBS and mobile station 
MS is prepared to carry out. 

[0109] And, the electronic bank server EBS specifies 
an electronic bank account number, and notifies the reg- 
istration authority server RA that the electronic bank ac- 
count shown by the above specified number is opened. 
(Step SZ7) 

[0110] Accordingly, the registration authority server 
RA accesses directory server DS, and obtains the EB 
signature verification certificate, the encryption certifi- 
cate for EB, and the CA signature verification certificate 
stored beforehand. (Step SZ8) 

[01 1 1 ] And, the registration authority server RA writes 
a private signature key, a private decryption key, the EB 
signature verification certificate, the encryption certifi- 
cate for EB, the CA signature verification certificate, the 
electronic bank ID, and the electronic bank account 
number in the UIM1 via the ROM writer (not shown 
here). A user receives data written by the UIM1 , and at- 
taches this to the mobile station MS. And, the process 
is completed. (Step SZ9) 

(2) Continuation of the electronic bank account 

[0112] A user can perform a continuous use of the 
electronic bank account opened as described above by 
paying the account management charge regularly. A 
payment method for this account management charge 
is as follows : 

(A1) The Electronic bank withdraws electronic val- 
ue corresponding to the account management 
. charge from the electronic bank account of a user. 
(B1) The Electronic bank withdraws money corre- 
sponding to the account management charge from 
an actual bank account of a user. 
(C1) The Electronic bank appropriates a part of the 
money collected from a user as repurchase price 
for UIM1 , as an account management charge. 
(D1)The Electronic bank appropriates a part of the 
money collected from a user as an installation cost 
of a new key for the UIM1 , as account management 
charge. 

(E1 ) A part of the cost of issuing a public key certif- 
icate of a pair key regenerated in the UIM1 by the 



electronic bank is appropriated as account man- 
agement charge. 

[0113] As described above, the key for the UIM1 is 
5 updated regularly. The reason is that setting the expiry 
date to a key and updating the information regularly are 
general rules which provide security to a system which 
uses a key based on a public key encryption algorism. 
[0114] This concrete method is as follows: 

10 

(A2) A user repurchases the UIM1 where a new key 
is installed. 

(B2) The Registration authority server RA rewrites 
data for a new key into the UIM1 . 
15 (C2) A user transmits a new key to the UIM1 in the 
mobile station MS from the Registration authority 
server RA. 

(D2) A user regenerates a new key in the UIM1 , and 
requests the registration authority server RA to is- 
20 sue a public key certificate. 

[0115] An example of updating the UIM1 will be de- 
scribed with reference to the sequence shown in Fig 13. 
The example given below describes, the two payment 

25 methods which can be selected as an option. In the first 
option, the electronic value corresponding to the ac- 
count management charge is withdrawn and paid into 
the electronic bank server EBS (described above A1); 
and in the second option a private key among the pair 

30 keys wh ich the certificate authority server CA generates 
is transmitted to the mobile station MS. (described above 
C2) 

[01 1 6] And, the withdrawal date and amount of money 
for the account management charge is notified before- 

35 hand by the Electronic bank server EBS to the user who 
requests the continuation of the use of the electronic 
bank account. When the date for withdrawal comes, the 
electronic bank server EBS withdraws the electronic val- 
ue from the electronic bank account of a user as account 
management charge for the next period. (Step S1 ) 
[0117] Next, the electronic bank server EBS encrypts 
an electronic bank account number of a user to which a 
digital signature is given, and notifies the encrypted ac- 
count number to the certificate authority server CA, and 

45 requests the CA to reissue a pair key, for a permission 
to transmit a private key for users, and to issue a public 
key certificate. (Step S2) 

[0118] On the other hand, the certificate authority 
server CA decrypts and verifies the digital signature, 

50 and generates a pair key, and issues a public key cer- 
tificate for the generated pair key after confirming that 
the above requests come from the proper electronic 
bank server EBS. The public key certificate issued is 
then registered with the directory server DS. (Step S3) 

55 [01 1 9] When the electronic bank server EBS access- 
es the directory server DS, and confirms that a new cer- 
tificate has been issued (Step S4), the electronic bank 
server EBS notifies the mobile station MS of a user who 
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performs continuous use, that the account management 
charge is received and a preparation to transmit a pri- 
vate key is ready to be carried out. (Step S5) 
[0120] When the mobile station MS receives a notifi- 
cation from the electronic bank server EBS, that a pri- 
vate key is ready to be transmitted , the mobile station 
MS requests the certificate authority server CA to trans- 
mit a new private key in response to the operation by a 
user afterthis notification has been displayed. (Step S6) 
[0121] The Certificate authority server CA encrypts a 
new private key with an old encryption public key of a 
user (valid at present), and transmits this key which has 
a digital signature, to the mobile station MS when re- 
ceiving a request to transmit a new private key from the 
mobile station MS. (Step S7) The Mobile station MS ver- 
ifies the digital signature given to the new private key 
transmitted from the certificate authority server CA, and 
confirms that this signature is transmitted from the prop- 
er certificate authority server CA. Also, the MS decrypts 
the private key transmitted from the certificate authority 
server CA by using a valid private decryption key at 
present. (Step S8) 

[0122] Next, the mobile station MS substitutes the old 
private key in the UIM1 with the new one. (Step S9) 
Then, the mobile station MS transmits, to the certificate 
authority server CA, this message signed with the new 
private signature key, showing that substitution has 
been successfully carried out. (Step S10) 
[0123] The certificate authority server CA in return, 
registers a public key for an old private key with a CRL 
in the directory server DS after receiving a message that 
the substitution has been successfully carried out. (Step 
S11) 

[0124] Therefore, it is impossible to use a public key 
for an old private key. 

(3) Deposit and withdrawal of electronic value 

[0125] Next, the operation of deposit and withdrawal 
of electronic value to a prepaid card PC will be described 
with reference to the sequence shown in Fig 14 and Fig 
15 where 100 yen of electronic value amount is with- 
drawn from a deposit of 1 ,000 yen in an electronic bank 
account and appropriated to the UIM1 . 
[0126] At first, the user operates a keypad for the mo- 
bile station MS, having selected to use either the elec- 
tronic value in a prepaid card PC or the one in the UIM 1 
installed in the mobile station MS, and inputs the elec- 
tronic value amount to be withdrawn from the electronic 
bank account or the one to be deposited into the elec- 
tronic bank account. The UIM1 is selected as an elec- 
tronic purse, and the withdrawn 1 00 yen is input by the 
user in this case. The mobile station MS accepts the key 
operation described above. (Step Sa1) 
[0127] Next, after the mobile station MS encrypts the 
information input carried out in Step Sa1 and the elec- 
tronic value information in UIM1 with the encryption cer- 
tificate for the EB stored in the UIM 1 , the mobile station 



MS gives a digital signature to the above information 
with a private signature key, to which a time stamp is 
given and transmits it to the electronic bank server EBS 
as a request signal. (Step Sa2) 

5 [0128] The electronic bank server EBS obtains a pub- 
lic key certificate for verification of the digital signature 
from the directory server DS by referring to the electron- 
ic bank account number included in the received elec- 
tronic value information, and verifies the correctness of 

10 the digital signature in the mobile station MS by using 
this certificate when receiving the above information. 
(Step Sa3) 

[0129] Next, the electronic bank server EBS decrypts 
an encrypted message received in Step Sa2 by using a 
15 private decryption key which the electronic bank server 
EBS memorizes, and confirms the time stamp. (Step 
Sa4) 

[0130] To avoid receiving from the same user more 
than twice a request signal which has the same stamp, 

20 the stamp confirmation process is used. 

[0131] In this way, improper retransmission of a re- 
quest signal is prevented by this process. 
[01 32] Next, the electronic bank server EBS confirms 
the designated amount of money for withdrawal and de- 

25 posit, and calculates the electronic value amount in the 
UIM and the electronic value amount in the electronic 
bank account after a withdrawal or a deposit. (Step Sa5) 
The electronic value amount in the UIM is 1 00 yen after 
the withdrawal, the electronic value amount in the elec- 

30 tronic bank account is 900 yen in this case. 

[0133] Next, the electronic bank server EBS obtains 
a public key certificate for encryption from the directory 
server DS by using the electronic bank account number 
as a clue. (Step Sa6) 

35 [0134] And, the electronic bank server EBS encrypts 
the calculated amount in Step Sa5, the electronic bank 
account number, the user name, and a transaction type 
showing the withdrawal and deposit, and the transacted 
value amount with a public key certificate obtained from 

40 the directory server DS.(Step Sa7) 

[0135] Further, the electronic bank server EBS gives 
a digital signature to the above encrypted message with 
a private signature key which the electronic bank server 
EBS memorizes, and transmits this encrypted message 

45 to which a time stamp is given to the mobile station MS. 
(Step Sa8) 

[0136] The mobile station MS confirms verification of 
the digital signature, encryption of the encrypted mes- 
sage, and a time stamp for the received data. (Step Sa9) 

50 [0137] The mobile station MS displays the electronic 
value amount in the UIM and the electronic value 
amount in the electronic bank account after the with- 
drawal and deposit. (Step Sa10) In this case, the elec- 
tronic value amount in the U IM is 1 00 yen, and the elec- 

55 tronic value amount in the electronic bank account is 
900 yen . The user ch ecks this amount carefully, and per- 
forms a key operation to decide OK or NG whether the 
request is the same as the one of the user or not. 
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[0138] When the OK key operation is performed, the 
mobile station MS updates the electronic value informa- 
tion memorized in the UIM1. (Step Sail) 
[0139] That is to say, the mobile station MS updates 
the electronic value amount in the electronic bank 5 
shown in Fig 8 from 1 ,000 yen to 900 yen and the elec- 
tronic value amount in the UIM1 shown in Fig 8 from 0 
yen to 1 00 yen, and stores the received time stamp as 
a time stamp at update of the electronic value amount 
and a digital signature as an electronic bank signature 10 
SGN2. 

[0140] And, the mobile station MS generates a mes- 
sage that the OK key operation is performed, and per- 
forms a process of encryption with the encryption certif- 
icate for the EB, of a digital signature with a private sig- 15 
nature key, and gives a time stamp for this message 
which is the same as Step Sa2, and transmits it to elec- 
tronic bank server EBS. (Step Sa12) 
[0141] Next, the electronic bank server EBS obtains 
a digital signature verification certificate from the direc- 20 
tory server DS as in Step Sa3, and verifies the correct- 
ness of the digital signature by using this certificate 
when receiving the above message as described in Fig 
15 (Step Sa13). 

[0142] Further, the electronic bank server EBS de- 25 
crypts an encrypted message by using a private decryp- 
tion key as in Step Sa4, and confirms the time stamp. 
(Step Sa14) 

[0143] As a result, the electronic bankserver EBS up- 
dates the electronic value management information so 
shown in Fig 4 when confirming an OK message. (Step 
Sa15) 

[0144] The electronic value amount in the electronic 
bank account is updated from 1 ,000 yen to 900 yen, the 
electronic value amount in the UIM is updated from 0 35 
yen to 100yen, the current electronic value amount in 
the electronic bank account is updated from 1,000yen 
to 900yen, and the current electronic value amount in 
the UIM is updated from 0 yen to 1 00 yen. A time stamp 
is issued at this moment and this time stamp is stored 40 
in the electronic bank server EBS as the time stamp at 
update of electronic value amount and a time stamp at 
update of current electronic value amount. 
[0145] The electronic bank server EBS transmits a 
message to the mobile station MS that the transaction 45 
has been completed (Step Sa1 6); and in return, the mo- 
bile station MS displays the above received message 
(Step Sa17), and the process is completed. 
[0146] In the above case, when a key operation in 
Step Sa10 is NG, mobile station MS does not update 50 
electronic value information in UIM1. And, a NG mes- 
sage is generated in Step Sa12, and it is transmitted to 
electronic bank server EBS. 

[0147] Also, the electronic bank server EBS com- 
pletes a process without updating the electronic value 55 
information in Step Sa13 when receiving an NG mes- 
sage. But, the electronic bank server EBS stores a log 
about the above process with a digital signature of the 



mobile station MS to deal with claims, which an OK mes- 
sage has been input to confirm the result and so forth, 
from a user of the mobile station MS. 
[01 48] For example, when the above transaction can- 
not be completed for reasons such as the electronic 
bank server EBS not receiving a message from the mo- 
bile station MS as in Step Sa12, the electronic bank 
server EBS generates a non-completion message of a 
transaction not performed, and encrypts this message 
and the electronic value amount in the UIM1 to which a 
digital signature and time stamp are given before the 
transaction, and transmits this message and value 
amount to the mobile station MS. 
[0149] On the other hand, the mobile station MS dis- 
plays this message when receiving a non-completion 
message from the electronic bank server EBS, and the 
mobile station MS will substitute the electronic value 
amount in the UIM with the one in the UIM transmitted 
with non-completion message before transaction. 
[0150] Also, for example, when the mobilestation MS 
cannot receive either the completion or the non-comple- 
tion message for reasons such as a prolonged commu- 
nication interception, the mobile station MS displays a 
message of transaction not completed on display. A us- 
er operates the mobile station MS to perform a commu- 
nicative connection to the electronic bank server EBS 
after restoration of the communication interception, and 
obtains an updated electronic value information, and up- 
dates the electronic value information of a user. 
[0151] In the above example, the electronic value in 
the UI M 1 of the mobile station MS was described. A pre- 
paid card PC only has to go through the same process 
as described above via the mobile station MS by an in- 
frared communication means when the electronic value 
in the prepaid card PC is deposited in the electronic 
bank account. 

(4) Exchange between electronic purses 

[0152] The Mobile station MS can exchange electron- 
ic value by a local communication means which the elec- 
tronic bank server EBS does not mediate like an infrared 
communication means. 

[0153] With reference to the sequence shown in Fig 
1 6 and Fig 1 7, the case in which the electronic value of 
1 00 yen is paid from the mobile station MS 1 of user A, 
and the mobile station MS2 of user B receives this 100 
yen value will be described below. 
[01 54] At first, the mobile station MS1 transmits by in- 
frared communication, a request signal to mobile station 
MS2 of user B for information on the electronic bank ID 
in the electronic value information of user B, the elec- 
tronic purse type, the electronic bank account number, 
and the EB signature SGN1. (Step Sb1) 
[0155] The mobile station MS2 of user B reads out 
electronic value information requested from its own 
UIM1, and transmits this information to mobile station 
MS 1 by infrared communication on receiving this re- 
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quest signal. (Step Sb2) 

[0156] The mobile station MS1 verifies EB signature 
SGN1 in the received electronic value information, and 
confirms that the user B is the proper owner of the elec- 
tronic value which the electronic bank server EBS is- 5 
sues. (Step Sb3) If the EB signature SGN1 is not con- 
firmed, the process is stopped. 

[0157] If confirmation is given, user A performs a key 
operation to request payment after inputting the elec- 
tronic value amount of 1 00 yen to be paid to user B, and 
electronic purse type information (hereafter referred to 
as U IM 1 ). The key operation is then accepted by mobile 
station MS1 . (Step Sb4) 

[0158] Next, the mobile station MS organizes an elec- 
tronic bank account of user B, the electronic bank 
number of user A, and the transacted value amount (in 
this case, the electronic value amount 1 00 yen paid from 
the mobile station MS1 to mobile station MS2) as infor- 
mation set, and gives a digital signature of user A to this 
information set, and transmits it to mobile station MS2 
as electronic value information which user A pays. In 
this case, the mobile station MS1 transmits the electron- 
ic bank ID, the electronic purse type, the electronic bank 
account of user A, and the EB signature SGN1 in the 
electronic value information which the mobile station 
MS1 memorizes. (Step Sb5) 

[0159] The Mobile station MS2 verifies the EB signa- 
ture SGN1 given to the received information set, and 
confirms that user A is the true owner of the electronic 
value which the electronic bank server EBS issues. 
(Step Sb6) If it is not confirmed that user A is the true 
owner, the transaction of the process is stopped. 
[0160] Further, the mobile station MS2 verifies the 
digital signature of user A given to the received informa- 
tion set. (Step Sb7) This prevents a third party from pos- 
ing as user A of the mobile station MS1 . 
[0161] Next, the mobile station MS2 displays the elec- 
tronic value information which user A pays except for a 
digital signature information of user A. (Step Sb8) That 
is to say, the electronic bank account number of user B, 
the electronic bank account number of user A, and the 
transacted value amount of 100 yen are displayed. 
[0162] User B refers to this display, and inputs an OK 
message into the mobile station MS2 if user B decides 
that there are not any problems. 
[0163] On the other hand, if user B encounters prob- 
lems, user B inputs an NG message into the mobile sta- 
tion MS2. The mobile station MS2 notifies this message 
to mobile station MS1 , and the process will be stopped. 
[0164] Next, the mobile station MS2 adds the elec- 
tronic value amount of 100 yen corresponding to the 
transacted value amount to the UIM current electronic 
value amount in the electronic value information mem- 
orized in its own UIM 1, and adds to electronic value 
update history, an update history based on the electron- 
ic value information paid by user A which is received 
from the mobile station MS1 (Step Sb9) 
[01 65] Next, the mobile station MS2 gives a digital sig- 



nature of user B to the electronic bank account number 
of user B, electronic bank account number of user A, 
and the transacted value amount of 1 00 yen except for 
a digital signature of user A in the electronic value infor- 
mation which user A pays, and transmits the information 
to the mobile station NS 1 as the information which user 
B received. (Step Sb10) 

[0166] The mobile station MS1 receives the electronic 
value information which user B received, and verifies the 
digital signature of user B which is transmitted along with 
the information. (Step Sb11) 

[0167] Next, the mobile station MS 1 deducts the elec- 
tronic value information 100 yen corresponding to the 
transacted value amount from the current electronic val- 
ue amount in the UIM, and adds an updated history to 
the electronic update history, updates the electronic his- 
tory based on the electronic value information received 
by user B. (Step Sb12) 

[0168] At this moment, the local electronic value ex- 
change between mobile station MS1 and mobile station 
MS2 will be completed. 

[0169] Next, the sequence shown in Fig 17 is per- 
formed when the mobile station MS2 of user B needs to 
communicate with the electronic bank server EBS after 
completing the process shown in Fig 1 6. 
[0170] At first, the mobile station MS2 reads out the 
updated electronic value (update) history from its own 
UIM1 , transmits this history to the electronic bank server 
EBS, and requests the electronic bank server EBS to 
confirm the correctness of the transaction. (Step Sc1) 
[0171] On the other hand, the electronic bank server 
EBS refers to the electronic value update history re- 
ceived from mobile station MS2, and verifies a transac- 
tion partner digital signature, which is the digital signa- 
ture of user A in this case, in this electronic value update 
history. The electronic bank server EBS changes the 
electronic value information described below if no prob- 
lems are found through this verification. (Step Sc2) 
[0172] That is to say, with regard to the electronic val- 
ue management information corresponding to user B 
who receives the electronic value, the electronic bank 
server EBS performs an updating process to add 100 
yen to the electronic value amount in the UIM, to update 
the time stamp at update of the electronic value amount, 
to add 100 yen to the current electronic value amount 
in the UIM, and to update a time stamp at the update of 
the current electronic value amount. 
[0173] Also, with regard to the electronic value man- 
agement information corresponding to user A who pays 
the electronic value, the electronic bank server EBS re- 
duces the current electronic value amount in the UIM by 
100 yen, and performs a process to update the time 
stamp at update of the current electronic value amount. 
[0174] And, if there are some problems in the verifi- 
cation result of the transaction partner digital signature, 
the electronic bank server EBS generates a message 
that updating has not been processed due to problems, 
and notifies the manager of the electronic bank server 
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EBS. 

[0175] The electronic bank server EBS transmits the 
electronic value information which should be updated 
based on the electronic value management information 
updated in Step Sc2 to mobile station MS2. (Step Sc3) 5 
Electronic value information transmitted in this case is 
the electronic value amount in the UIM, with a time 
stamp at update of the electronic value amount, and the 
electronic bank signature SGN2. 
[0176] If there are some problems in the verification 
result of the transaction partner digital signature, a mes- 
sage that updating has not been processed due to prob- 
lems will be transmitted with the above information to 
mobile station MS2. 

[01 77] The mobile station MS2 updates the electronic 
value information in its own UIM1 in response to elec- 
tronic value information received from the electronic 
bank server EBS. (Step Sc4) 

[0178] And, the electronic value information of mobile 
station MS1 is confirmed by the electronic bank server 
EBS when the mobile station MS1 communicates with 
the electronic bank server EBS with regard to the proc- 
ess which will take place as in mobile station MS2. 
[0179] That is to say, the electronic bank server EBS 
compares the current electronic value amount in the 
UIM with the electronic value amount in the UIM in the 
electronic value management information correspond- 
ing to user A when the electronic bank server EBS is 
accessed from the mobile station MS1 . If both amounts 
are different, the electronic value information will be up- 
dated. The contents of update in this case are : 

matching the electronic value amount in the UIM 
with the current electronic value amount in the UIM, 
and updating the time stamp at update of the elec- 
tronic value amount. 

[0180] The electronic bank server EBS transmits 
electronic value information which should be updated, 
to the mobile station MS1 by matching the above updat- 
ed information. That is to say, the electronic bank server 
EBS transmits the electronic value amount in the UIM, 
a time stamp at update of the electronic value amount, 
and the electronic bank signature SGN2. 
[0181] The mobile station MS 1 verifies the electronic 
bank signature SGN2 in the information received from 
the electronic bank server EBS, and updates the elec- 
tronic value information in the UIM1 if no problems are 
found. (Step Sb20) 

[0182] It follows that the transaction is guaranteed by 
the electronic bank server EBS, and the process will be 
completed. 

[0183] An exchange between the electronic purses is 
only completed effectively when the electronic value up- 
date history arrives at the electronic bank server EBS 
from both purses of a transactor. 
[01 84] Also, process can be completed when an elec- 
tronic purse update history is notified to either one of the 



electronic purses. In this case, when an updated history 
of paid electronic value is notified to the electronic bank 
server EBS, it can be considered that the process is 
completed. 

[0185] In the above example, the UIM1 in the mobile 
station MS was described as a payer's an electronic 
purse , electronic value in prepaid card PC is also pos- 
sible to use. In this case, the prepaid card PC only has 
to go through the same process as the above mentioned 
via the mobile station MS by infrared communication. 

(5) Transfer of electronic value 

[0186] The electronic value can be transferred to 
someone else as a form " transfer from your purse or 
your electronic bank account to the electronic bank ac- 
count of someone else ". 

[0187] The transfer of electronic value will be de- 
scribed with reference to the sequence shown in Fig 1 8. 
[0188] At first, the user operates the mobile station 
MS, and selects a withdrawal means to transfer the elec- 
tronic value, (hereafter referred to as a transfer means) 
Concretely, either one of the prepaid card PC, the UIM1 
in the mobile station MS, or the electronic bank account 
of a user is selected. It is assumed that the UIM1 is se- 
lected in this case. Next, the user inputs an electronic 
bank account number for a transfer point (hereafter re- 
ferred to as electronic bank account number for a trans- 
fer point) and the amount to be transferred, (hereafter 
referred to as transfer money), Mobile station MS ac- 
cepts the above operations. (Step Sd1) 
[01 89] Next, the mobile station MS gives a time stamp 
to the information which is input by the user, encrypts 
this information with a public encryption key for the elec- 
tronic bank server EBS, and transmits the data to which 
a digital signature is given by using a private signature 
key to the electronic bank server EBS as a request sig- 
nal to request a transfer. (Step Sd2) 
[0190] When a user selects a prepaid card PC as a 
transfer means in Step Sd1 , the mobile station MS per- 
forms communication through infrared means with the 
prepaid PC, and obtains electronic value information in 
the prepaid card PC, and transmits this information to 
the electronic bank server EBS. 
[0191] On the other hand, the electronic bank server 
EBS verifies the digital signature on the received data, 
and decrypts the encrypted message, and confirms the 
correctness of the electronic value information by 
checking a time stamp. (Step Sd3) 
[0192] Next, the electronic bank server EBS 
confirms : 

1 , existence of the electronic bank account to which 
the electronic value is transferred; 

2, availability of the electronic bank account which 
is appointed to transfer the electronic value; and 

3, the balance of the electronic value in a transfer 
means which transfers the electronic value is larger 
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than the amount of the electronic value amount to 
be transferred. (Step Sd4) 

[01 93] When a prepaid card PC is selected as a trans- 
fer means, the electronic bank server EBS verifies the 
electronic bank signature SGN4, and confirms whether 
a transfer is possible or not after confirming that the elec- 
tronic value information is not transcribed falsely. 
[0194] Next, the electronic bank server EBS calcu- 
lates the electronic value amount of a transfer means 
(UIM1 in this case) after transferring. And, the electronic 
bank server EBS gives a time stamp to the electronic 
bank ID, the electronic bank account number of a trans- 
fer point, the user name of the electronic bank account 
for a transfer point, the amount of transferred money, 
the electronic bank account number of a user of the 
transfer means, and the electronic value amount of a 
transfer means (UIM1) before or after transferring, and 
encrypts with a public encryption key obtained from the 
directory server DS, and gives a digital signature with a 
private signature key which the electronic bank server 
EBS memorizes, and transmits to the mobile station MS. 
(Step Sd5) 

[0195] The mobile station MS confirms that there is 
no incorrectness by verifying the digital signature, de- 
crypting an encrypted message, and confirming a time 
stamp of the received data. (Step Sd6) 
[0196] Next, the mobile station MS displays the re- 
ceived data. When a userchecks this data after reading, 
and performs a key operation showing OK or NG, the 
mobile station MS accepts this operation by the user. 
(Step Sd7) 

[0197] When a key operation showing OK is per- 
formed, the mobile station MS updates the electronic 
value information memorized by the UIM1 selected as 
a transfer means, the electronic value information which 
should be updated in this case is the electronic value 
amount in the UIM, a time stamp at update of electronic 
value amount, the electronic bank signature SGN2, and 
the current electronic value amount. The information in 
the electronic purse is not updated when an electronic 
bank account is selected as a transfer means. 
[0198] Also, a key operation for showing NG is per- 
formed, and the electronic value in the electronic purse 
is not updated. 

[0199] Next, the mobile station MS generates a mes- 
sage showing whether a key operation is OK or NG, and 
gives a time stamp to this message, encrypts with a pub- 
lic encryption key for the electronic bank, and gives a 
digital signature with a private signature key, and trans- 
mits to the electronic bank server EBS. (Step Sd8) 
[0200] The electronic bank server EBS calculates the 
electronic value in the electronic bank account for a 
transfer point, gives a digital signature of the electronic 
bank server EBS to this electronic value, and stores it 
as electronic value management information corre- 
sponding to the electronic bank account of a transfer 
point when receiving an Ok message. (Step Sd9) 



[0201] When an electronic bank account is selected 
as a transfer means, the electronic bank server EBS cal- 
culates the electronic value in the electronic bank ac- 
count of a transfer means, and stores th is value to which 

5 a digital signature of the electronic bank server EBS is 
given as electronic value management information. 
[0202] The electronic bank server EBS transmits a 
message showing the process is completed to the mo- 
bile station MS. (Step Sd1 0) The mobile station MS dis- 

10 plays this message, and notifies the completion of the 
process to the user. 

[0203] Also, the electronic bank server EBS com- 
pletes a process without updating the electronic value 
information when receiving an NG message. But, the 
15 electronic bank server EBS stores a log about the above 
process with a digital signature of the mobile station MS 
to deal with claims, which an OK message has been in- 
put to confirm the result and so forth, from a user of the 
mobile station MS. 

[0204] Also, for example, when the above transaction 
cannot be completed for reasons such as the electronic 
bank server EBS not receiving a message from the mo- 
bile station MS in Step Sd8, the electronic bank server 
EBS encrypts a non-completion message that the trans- 
action is not performed and the electronic value amount 
in the UIM before the transaction, and transmits this en- 
crypted message and the encrypted value amount to 
which a digital signature and a time stamp are given, to 
the mobile station MS as performed in Step Sa8. 
[0205] On the other hand, the mobile station MS dis- 
plays this message when receiving a non-completion 
message from the electronic bank server EBS, and the 
electronic value amount in the UIM is substituted with 
the one in the UIM before the transaction transmitted 
with a non-completion message. 
[0206] Also, for example, when the mobile station MS 
cannot receive both the messages (completion and non- 
completion message) for reasons such as a prolonged 
communication interception, the mobile station MS dis- 
plays a message which says transaction is not complet- 
ed. A user operates the mobile station MS to perform a 
communicative connection to the electronic bank server 
EBS after the restoration of communication interception 
and obtains an updated electronic value information, 
and updates the electronic value information of a user. 
[0207] In the above example, the electronic value in 
the UIM1 of the mobile station MS was described. When 
an electronic value in a prepaid card PC is transferred, 
the prepaid card PC has only to go through the same 
process via the mobile station MS by infrared commu- 
nication as described above. 

C: Application Examples 

[0208] Next, the application examples of the embod- 
iment will be described. 

[0209] For example, an item can be sold through 
cashless transaction by installing a function of an elec- 
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tronic purse corresponding to a UIM1 In a mobile station 
MS into a vending machine or POS (Point of Sale), and 
performing an exchange of electronic value between 
electronic purses by local communication network be- 
tween mobile station MS (or prepaid card PC) of a user 5 
(of vending machine) and the vending machine. 
[021 0] With regard to a vending machine, the correct- 
ness is confirmed by verifying the electronic bank sig- 
nature SGN1 when the electronic value is exchanged 
with a mobile station MS, so confirming the correctness 10 
of the electronic value to the electronic bank server EBS 
is not needed each time. Accordingly, advantage is that 
a user can purchase an item immediately, without the 
vending machine dealer having to pay the communica- 
tion cost to a server. 15 
[0211] Also, an item can be sold by cashless transac- 
tions between mobile station MS of a user and a vending 
machine without installing a function of an electronic 
purse in the mobile station MS. In this case, the elec- 
tronic bank signature SGN1 is verified when the elec- 20 
tronic value is exchanged with the mobile station MS as 
well. 

[0212] Fig 1 9 illustrates the above example. A vend- 
ing machine VM is connected, by wire or radio, to a 
vending machine server VS connected to a mobile net- 25 
work. 

[0213] The vending machine VM has a function to per- 
form infrared communication with a mobile station MS, 
to give a digital signature to the data to be transmitted 
to the mobile station MS, and to verify the electronic 30 
bank signature SGN1 transmitted from the mobile sta- 
tion MS. 

[0214] The mobile station MS1 of a user receives an 
electronic bank account number of a vending machine 
dealer by using infrared communication with the vend- 35 
ing machine VM. 

[0215] A user inputs the amount of electronic value 
money to be paid to a vending machine VM and the elec- 
tronic purse type into the mobile station MS, and oper- 
ates the mobile station MS to show the payment re- 40 
quest. The mobile station MS accepts this operation. 
[0216] The mobile station MS organizes the electronic 
bank account number of a vending machine dealer, the 
electronic bank account number of a user, and the elec- 
tronic value amount to be paid as information set, and 
transmits this information set to which a digital signature 
of a user is given to a mobile vending machine VM as 
electronic value information paid by a user by infrared 
communication. Also, the electronic bank server ID, the 
electronic purse type, the electronic bank account 50 
number, and the information set of the electronic bank 
signature SGN 1 among the electronic value information 
stored in an electronic purse of a user are also transmit- 
ted to the vending machine VM. 

[021 7] The vending machine VM verifies the electron- 55 
ic bank signature SGN1 , and confirms whether a user 
is the owner of the electronic value issued by a proper 
electronic bank server EBS. If it fails to verify the digital 



signature, a transaction to a user will be stopped, and a 
log of the received information will be taken that there 
is an improper access. 

[0218] When the above verification of a digital signa- 
ture is successful, the vending machine VM confirms 
that the money information corresponding to the elec- 
tronic value amount is more than that of the amount of 
money for an item. If the amount of money is short, the 
vending machine VM stops the transaction from the mo- 
bile station MS, and returns a message showing the 
money is short to the mobile station MS. 
[0219] The vending machine VM takes a log as an 
electronic value update history which is an electronic 
bank account number of a vending machine dealer, and 
electronic bank account number of a user, the electronic 
value amountto be paid, and a digital signature of a user 
after confirming the above money information. 
[0220] And, the vending machine VM generates a 
message that the amount of money for the item is re- 
ceived, and transmits this message with a digital signa- 
ture to the mobile station MS. A payment for an item to 
the vending machine VM is completed at this moment, 
and it enables a user to push an item button to get the 
item. 

[0221] And, the mobile station MS updates the elec- 
tronic value information in the UIM1 based on a mes- 
sage received from vending machine VM. Concretely, 
deduct amount of money for the item from a current elec- 
tronic value, and add an electronic bank account 
number of a vending machine dealer, electronic bank 
account number of a user, electronic value amount to 
be paid, and a digital signature of a vending machine 
VM to the electronic value update history. 
[0222] The accumulated log in vending machine VM 
is collected regularly by vending machine server VS, 
and transmitted to electronic bank server EBS. 
[0223] Electronic bank server EBS verifies a digital 
signature of a payer to electronic value update history 
received from vending machine server VS, and changes 
the below management information on the electronic 
value update history. 

[0224] That is to say, with regard to electronic value 
management information of electronic bank account of 
a vending machine VM dealer, electronic bank server 
EBS adds an electronic value amount in an electronic 
bank account, and updates a time stamp at update of 
electronic value amount in electronic bank account. 
With regard to electronic value management informa- 
tion of electronic bank account and electronic purse of 
a user, current electronic value amount in UIM1 is de- 
ducted, and a time stamp at update of electronic value 
amount is updated. 

[0225] When a user pays by prepaid card PC, a cur- 
rent electronic value amount in a prepaid card is deduct- 
ed, and a time stamp upon update of the electronic value 
amount is updated. 

[0226] Also, when electronic bank server EBS fails to 
perform electronic authentication of a user, a message 
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showing an update of electronic value information is not 
completed is generated, and transmitted to a manager 
of electronic bank server EBS. 

[0227] Electronic bank server EBS updates electronic 
value management information of electronic bank ac- 5 
count of a vending machine VM dealer. That is to say, 
electronic bank server EBS adds electronic value 
amountin an electronic bank account to electronic value 
management information, updates a time stamp at up- 
date of electronic value amount, and transmits such in- 10 
formation to vending machine server VS. 
[0228] Also, when electronic bank server EBS fails to 
perform electronic authentication, the message de- 
scribed above is transmitted to vending machine server 
VS as well. 

[0229] Vending machine server VS notifies a mes- 
sage received from electronic bank server EBS to a 
manager of vending machine server VS by displaying it. 
If a manager received a message showing failing to per- 
form electronic authentication, a manager may take a 20 
legal action and the like if this transaction is recognized 
to be fraudulent after analyzing this message carefully. 
[0230] Electronic value information in an electronic 
purse of a user is updated in the same way already de- 
scribed above like an exchange between electronic 25 
purses when a user accesses electronic bank server 
EBS later, and the process is completed. 
[0231] When an electronic value update history re- 
ceived from a user is lost by system trouble of vending 
machine VM or vending machine server VS, the con- 30 
formity to current electronic value is guaranteed in the 
same way already described above like when an elec- 
tronic value update history is lost in an exchange be- 
tween electronic purses. 

[0232] According to the above embodiment, it can be 35 
detected that an electronic value in an electronic purse 
is transcribed in an improper way as electronic bank 
server EBS manages both electronic value of an elec- 
tronic purse and an electronic bank account. 
[0233] Also, when an exchange of electronic value is *o 
performed between electronic purses in a local way, 
properness of a digital signature of a user performing a 
transaction is confirmed only between electronic purses 
by verifying electronic bank signature EBS, not inquiring 
electronic bank server EBS every time. Accordingly, net- 
work traffic will not increase. 

[0234] Also, electronic bank server EBS updates 
electronic value management information which elec- 
tronic bank server EBS manages by a notification from 
either one of electronic purses, so the efficiency will im- so 
prove. 

[0235] Also, a time stamp is given to electronic bank 
server EBS in transaction, so an improper retransmis- 
sion will be prevented. 

55 

D: Transformation examples 

[0236] As will be apparent from the following descrip- 



tions, a variety of modifications are possible with respect 
to the present invention, and the invention is not to be 
taken as being limited to the embodiments described. 

(1 ) A form of mobile station MS 

[0237] Mobile station MS only has to be a portable ter- 
minal which has a radio communication function, so it 
can be a personal computer which performs data com- 
munication by connecting to a portable telephone or 
PDA (Personal Digital Assistance) and so on. 

(2) A communication configuration of mobile station, 
prepaid card, vending machine. 

[0238] In the embodiment, mobile station MS, prepaid 
card PC, vending machine VS perform radio communi- 
cation each other by using infrared rays, and wire com- 
munication is also possible. 

[0239] For example, mobile station 50 usually com- 
prises a 16-core connector which performs input and 
output of a serial signal, and prepaid card PC and vend- 
ing machine VS may also perform data communication 
by connecting to cable mutually if the same connector 
is installed in both. 

(3) An Installation configuration of each server 

[0240] In the previous embodiment, electronic bank 
server EBS was installed on mobile network MN, and 
registration authority server RA, certificate authority 
server CA, and directory server DS were installed on 
internet INET But, each server can be installed on any 
network. 

(4) Generation of a key pair 

[0241] In the embodiment, registration authority serv- 
er RA generates a key pair of a user, and transcribes it 
in UIM1 , but it is not limited to this method. 
[0242] For example, it can be generated in a produc- 
tion factory of UIM1, and transcribed in advance, or it 
can be performed by a key pair generating function in- 
stalled in UIM1. Also, registration authority server RA 
may request an authority like certification authority serv- 
er CA to generate a key pair, and transmit the key pair. 

(5) Storage capacity of UIM1 or prepaid card PC 

[0243] As described above, an electronic purse such 
as UIM1 and prepaid card PC about storage capacity 
has some cases : 

[0244] For example, all of the electronic value update 
history may not be stored because of shortage of stor- 
age capacity, or a fault may occur in a memory device 
of electronic value update history because of system 
trouble. In these cases, electronic value update history 
may be lost. A part of electronic value update informa- 



17 



33 



EP 1 221 669 A1 



34 



tion may be lost by a malicious user as a case like only 
electronic value update history which a user paid is de- 
leted. 

[0245] By the way, in the embodiment, when electron- 
ic value update history of either a payer or a recipient is 
transmitted to electronic bank server EBS, both (a payer 
and a recipient) of the proper electronic value amount 
are updated. 

[0246] However, both of the (a payer and a recipient) 
electronic value update history are lost, electronic bank 
server EBS cannot understand an exchange of electron- 
ic value. In this case, to assume that a transaction Is not 
performed from the beginning, current electronic value 
amount in UIM in each electronic purse is obliged to con- 
form to electronic value amount of an electronic purse 
which electronic bank server EBS manages at the mo- 
ment when each electronic purse accesses electronic 
bank server EBS after transaction. That is to say, elec- 
tronic value information of an electronic purse is con- 
formed to the electronic value information of an elec- 
tronic bank. If a means to guarantee conformity is com- 
prised as described above, mobile station MS can de- 
lete electronic value update history from the older date 
one in transaction by using electronic value after that 
when detecting to accumulate electronic value update 
history corresponding in volume to storage capacity of 
an electronic purse. 

[0247] Also, mobile station MS may be obliged to 
transmit the electronic value update history to electronic 
bank server EBS when searching to accumulate the 
electronic value update history corresponding in volume 
to a storage capacity of an electronic purse. The elec- 
tronic value information of the electronic purse will be 
the same as the one of an electronic bank by the above. 
Also, mobile station MS may not perform a transaction 
using an electronic value after searching to accumulate 
an electronic value update history corresponding to stor- 
age capacity of an electronic purse. In this case, mobile 
station MS performs a process to display this transac- 
tion message on display; and notify it to a user. 

(6) A communication means between mobile station MS 
and prepaid card PC 

[0248] A local commun ication means between mobile 
station MS and prepaid card PC is not only limited to 
infrared communication described above, for example, 
Bluetooth communication (registered trademark), , can 
also be used. Of course, a local communication means 
between mobile station MS and vending machine VM 
can be performed by any other radio communication 
means, not only by infrared communication. 



Claims 

1 . An electronic value system having 

a plurality of communication terminals, each 



of which comprises: 

a memory for storing an electronic value, 
a communication means which performs trans- 
5 mission and reception of said electronic value 

to outside nodes, thereby acting as an electron- 
ic purse of a user; 

an electronic bank account holding means pro- 
vided in a server on a network for accumulating 
10 electronic values in each electronic bank ac- 

count assigned to each user; 
a transfer means for transferring said electronic 
value to a memory of said electronic communi- 
cation terminals from said electronic bank ac- 
15 count holding means via said network; 

a transaction log notification means for trans- 
mitting a transaction log showing details of a 
transaction performed by said communication 
terminal using said electronic value; and 
a purse balance information management 
means for memorizing balance information of 
said electronic value stored in a memory of said 
communication terminal provided in said net- 
work, receiving a transaction log transmitted 
from said transaction log notification means, 
and updating balance information of said elec- 
tronic value related to said transaction log. 

2. An electronic value system according to Claim 1 , 
wherein said plurality of communication ter- 
minals include said first communication terminal 
and said second communication terminal, each of 
which performs transmission and reception of said 
electronic value; 

wherein said first communication terminal 
transmits to said second communication terminal its 
own identification information with said electronic 
value stored in said memory; 

wherein said second communication terminal 
receives said electronic value transmitted from said 
first communication terminal and said identification 
information of said first communication terminal, 
and transmits said its own identification information 
to said first communication terminal; 

wherein said transaction log notification 
means transmits an electronic value amount which 
is said transmitted and said received, and identifi- 
cation information of said first and second commu- 
nication terminal as said transaction log from either 
of said first communication terminal or said second 
communication terminal to said purse balance in- 
formation management means; and 

wherein said purse balance information man- 
agement means updates balance information of 
said electronic value based on said transmitted 
transaction log. 

3. An electronic value system according to Claim 2, 
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wherein said first communication terminal and 
said second communication terminal each include 
a log accumulation means for accumulating trans- 
action logs on said transactions; and 

wherein when either said first communication 
terminal or said second communication terminal ac- 
cumulates transaction logs equal in volume to a 
storage capacity of said log accumulation means, 
neither transmission nor reception of an electronic 
value to said outside nodes are carried out. 

4. An electronic value system according to Claim 2, 

wherein said first communication terminal and 
said second communication terminal include a log 
accumulation means for accumulating transaction 
logs on said transactions; and 

wherein when either said first communication 
terminal or said second communication terminal ac- 
cumulates transaction logs equal in volume to a 
storage capacity of said log accumulation means, 
transaction logs having a date and time prior to that 
of a current date and time are erased during a trans- 
action in which a current transaction log is accumu- 
lated. 

5. An electronic value system according to Claim 2, 

wherein said first communication terminal and 
second communication terminal include said log ac- 
cumulation means for accumulating said transac- 
tion log on said transaction; and 

wherein said transaction log notification 
means transmits said transaction log to said purse 
balance information management means when ei- 
ther said first communication terminal or said sec- 
ond communication terminal accumulates said 
transaction log equal in volume to said storage ca- 
pacity of said log accumulation means. 

6. An electronic value system according to Claim 2, 

wherein said communication terminal is a mo- 
bile communication terminal stored in a mobile net- 
work, said network is said mobile network, and said 
first communication terminal and said second com- 
munication terminal communicate by radio. 

7. An electronic value system according to Claim 1 , 

wherein said communication terminal is a mo- 
bile communication terminal stored in a mobile net- 
work, and said network is said mobile network. 

8. An electronic value system according to Claim 1 , 

wherein said communication terminal is a mo- 
bile communication terminal stored in a mobile net- 
work, and a memory of said communication termi- 
nal is an IC card installed in said communication ter- 
minal. 

9. An electronic value system according to Claim 1 , 



wherein said communication terminal attach- 
es a transmission date and time to said electronic 
value when transmitting said electronic value. 

5 10. An electronic value system according to Claim 1 , 
wherein said communication terminal com- 
prises a security means for performing electronic 
authentication, encryption and decryption by using 
a key for said electronic value, and an update 

10 means to update said key regularly when perform- 
ing transmission and reception of an electronic val- 
ue. 

1 1 . An electronic value system for performing transmis- 
15 sion and reception of an electronic value which is 

electronic money information between a first com- 
munication terminal and a second communication 
terminal, said first communication terminal compris- 
ing: 

20 

a memory for storing said electronic value, 
identification information of said issuer who is- 
sued said electronic value, and a digital signa- 
ture provided by said issuer to said identifica- 

25 tion information; and 

a transmission means for transmitting said 
identification information of the issuer and a 
digital signature with said stored electronic val- 
ueto said second communication terminal, said 

30 second communication terminal comprising: 

a receiving means for receiving identifica- 
tion information of said issuer and a digital 
signature; and 

35 a confirmation means for confirming valid- 

ity of said first communication terminal by 
verifying said received digital signature, 
and 

40 by confirming that said electronic value transmitted 
from said first communication terminal is issued by 
said issuer. 

12. An electronic value system according to Claim 11 , 
45 wherein said second communication terminal 

comprises a memory for storing said electronic val- 
ue, identification information of said issuer who is- 
sued said electronic value, and a digital signature 
transmitted by said issuer for said identification in- 
50 formation, and a transmission means for transmit- 
ting identification information of said issuer stored 
previously and a digital signature to said first com- 
munication terminal further; and 

wherein said first communication terminal 
55 comprises an obtaining means for obtaining identi- 
fication information of said issuer stored in a mem- 
ory of said second communication terminal and a 
digital signature provided by said issuer before 
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transmitting said electronic value to said second 
communication terminal, and a confirmation means 
for confirming authenticity of said second commu- 
nication terminal by verifying said obtained digital 
signature, and by confirming that said electronic 5 
value in a memory of said second communication 
terminal is issued by the issuer. 

13. An electronic value system according to Claim 11 , 

wherein said first communication terminal and 10 
said second communication terminal comprise a log 
accumulation means for accumulating said transac- 
tion log related to their own transaction; and 

wherein at least, either said first communica- 
tion terminal or said second communication termi- is 
nal transmits said accumulated transaction log to 
said outside nodes managing balance information 
of said electronic value, which information said first 
or said second communication terminal memorizes 
when accumulating said transaction log equal in 20 
volume to a storage capacity of said log accumula- 
tion means. 

14. An electronic value system according to Claim 11 , 

wherein said first communication terminal and 25 
said second communication terminal perform trans- 
mission and reception of electronic values by radio. 

15. An electronic value system according to Claim 11 , 

wherein at least, either said first communica- 30 
tion terminal or said second communication termi- 
nal is a mobile communication terminal in a mobile 
network. 

16. An electronic value system according to Claim 11 , 35 

wherein said second communication terminal 
is installed in a vending machine. 

17. An electronic value system according to Claim 11 , 

wherein the communication terminal attaches *o 
a transmission date and time to said electronic val- 
ue when transmitting said value. 

18. An electronic value system according to Claim 11 , 

wherein said communication terminal com- 45 
prises a security means for performing electronic 
authentication, encryption and decryption by using 
a key for said electronic value, and an update 
means for updating said key regularly when per- 
forming transmission and reception of said elec- so 
tronic value. 

19. A communication terminal comprising : 



mission and reception of said electronic value 
between outside nodes; 
an identification information exchange means 
for transmitting its own identification informa- 
tion stored in said memory to said outside 
nodes, and to obtain identification information 
of said outside nodes from said outside nodes; 
and 

a log accumulation means, as a transaction log, 
for accumulating said electronic value amount 
whose transmission and reception are per- 
formed between said outside nodes, said iden- 
tification information, and identification infor- 
mation of said outside nodes. 

20. A communication terminal according to Claim 19, 

wherein a communication terminal does not 
perform transmission and reception of said elec- 
tronic value between said outside nodes when it ac- 
cumulates a transaction log equal in volume to a 
storage capacity of said log accumulation means. 

21. A communication terminal according to Claim 20, 

wherein when a communication terminal ac- 
cumulates said transaction log corresponding to a 
storage capacity of said log accumulation means, 
said transaction log is erased from the oldest one 
of transmission date and time in transmission and 
reception of said electronic value after accumulat- 
ing said transaction log. 

22. A communication terminal according to Claim 21 , 

wherein when a communication terminal ac- 
cumulates said transaction log equal in volume to a 
storage capacity of said log accumulation means, a 
communication terminal transmits said accumulat- 
ed transaction log to an outside device to confirm 
authenticity of said transmission and reception of 
said electronic value by using said transaction log. 

23. A communication terminal according to Claim 19, 

wherein said communication terminal com- 
prises a security means for performing a process of 
electronic authentication, encryption and decryp- 
tion by using a key for said electronic value, and an 
updating means for updating said key regularly 
when performing transmission and reception of said 
electronic value. 

24. A communication terminal according to Claim 19, 

wherein when a communication terminal 
transmits said electronic value to said outside 
nodes, a communication terminal attaches a trans- 
mission date and time to said electronic value. 

25. A communication terminal according to Claim 19, 

wherein said communication means performs 
transmission and reception of said electronic value 



a memory for storing an electronic value which 55 
is electronic money information and its own 
identification information therefor; 
a communication means for performing trans- 
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between said outside nodes by radio. 

26. A communication terminal according to Claim 19, 

wherein said communication terminal is a mo- 
bile communication terminal in a mobile network, 5 
and said memory is an IC card installed in the com- 
munication terminal. 

27. A communication terminal comprising : 

a memory for storing an electronic value which 
is electronic money information; identification 
information of an issuer of the electronic value, 
and a digital signature provided by the issuer 
to the identification information a communica- 
tion means for performing transmission and re- 
ception of said electronic value between out- 
side nodes; 

an attachment means for attaching to electronic 
value, identification information of said issuer 
and said digital signature to be transmitted to 
said outside nodes by said communication 
means; and 

a confirmation means for confirming authentic- 
ity of said electronic value by verifying identifi- 
cation information of said issuer to be attached 
to electronic value received from said outside 
nodes by said communication means, and said 
digital signature. 

28. A communication terminal according to Claim 27, 

wherein said communication terminal com- 
prises a security means for performing electronic 
authentication, encryption and decryption of said 
electronic value by using a key, and updating means 
for updating said key regularly when performing 
transmission and reception of said electronic value. 

29. A communication terminal according to Claim 27, 

wherein when a communication terminal 
transmits said electronic value to said outside 
nodes, said communication terminal attaches a 
transmission date and time to said electronic value. 

30. A communication terminal according to Claim 27, 

wherein said communication means performs 
transmission and reception of said electronic value 
between said outside nodes by radio. 

31. A communication terminal according to Claim 27, 

wherein said communication terminal is a mo- 
bile communication terminal in a mobile network, 
and said memory is an IC provided in the commu- 
nication terminal. 

32. A server comprising: 

a means of transfer for transferring via said net- 



work, an electronic bank account holding 
means for accumulating said electronic value 
into electronic bank account assigned to users, 
a memory for storing said electronic value, and 
an electronic value accumulated by said elec- 
tronic bank account holding means to a com- 
munication terminal comprising a communica- 
tion means for performing transmission and re- 
ception of said electronic value between said 
outside nodes; 

a purse balance information management 
means for memorizing balance information of 
said electronic value stored in a memory of said 
communication terminal; 
a log obtaining means for obtaining a transac- 
tion log showing details of a transaction by us- 
ing said electronic value in said communication 
terminal via said network from said communi- 
cation terminal; and 

a purse balance information update means for 
updating balance information of said electronic 
value memorized by said purse balance infor- 
mation memory means on a basis of said ob- 
tained transaction log. 

33. A server according to Claim 32, 

wherein said server comprises an electronic 
authentication means for giving an electronic au- 
thentication by a key which said server memorizes 
for said transmitted electronic value information. 
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FIG. 1 
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FIG. 2 
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FIG. 3 



SERIAL 
NUMBER 


DATA NAME 


DESCRIPTION 


1 


PRIVATE 
SIGNATURE KEY 


PRIVATE KEY FOR DIGITALLY SIGNING 
TO DATA WHICH ELECTRONIC BANK' 
SERVER EBS TRANSMITS 


2 


PRIVATE 
DECRYPTION KEY 


PRIVATE KEY FOR DECRYPTING 
ENCRYPTED MESSAGE WHICH ELECTRONIC 
BANK SERVER EBS RECEIVES 


3 


CA SIGNATURE 
VERIFICATION 
CERT I F I CATE 


CERTIFICATE FOR PUBLIC KEY FOR 
VERIFYING DIGITAL SIGNATURES 
PROVIDED ON VARIOUS CERTIFICATES BY 
CERTIFICATE AUTHORITY SERVER CA. 


4 


ELECTRONIC VALUE 
MANAGEMENT 
INFORMATION 


INFORMATION TO MANAGE ELECTRONIC 
VALUE IN ELECTRONIC PURSE AND 
ELECTRONIC BANK ACCOUNT. 
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FIG. 4 



OCR I A 

NUNBE 


DATA NAME 


DESCRIPTION 


1 


ELECTRONIC 
BANK ID 


IDENTIFICATION INFORMATION TO IDENTIFY 1 
ELECTRONIC BANK SERVER EBS WHICH 1 
ISSUED ELECTRONIC VALUE 


2 


ELECTRONIC 
BANK ACCOUNT 
NUMBER 


IDENTIFICATION INFORMATION FOR 1 
ELECTRONIC BANK ACCOUNT 


3 


ELECTRONIC 
VALUE AMOUNT IN 
ELECTRONIC BANK 
ACCOUNT 


BALANCE INFORMATION OF ELECTRONIC 
VALUE IN ELECTRONIC BANK ACCOUNT WHEN 
MOBILE STATION MS ACCESSES ELECTRONIC 
BANK SERVER EBS AT TRANSACTION END 


4 


ELECTRONIC 
VALUE AMOUNT 
IN UIM 


BALANCE INFORMATION OF ELECTRONIC 

l_ » 1 1 1 v L_ I 111 vl Mill l 1 I VSI« Wf L— t_^- * — ■ N-^ I ■ \ 1 « ■ \f 1 

VALUE STORED IN USER IDENTITY MODULE 1 
UIM1 WHEN MOBILE STATION MS ACCESSES 
ELECTRONIC BANK SERVER EBS AT 
TRANSACTION END. 


5 


TIME STAMP AT 
UPDATE OF 
ELECTRONIC 

VALUE AMOUNT 


GIVEN DATE AND TIME INFORMATION BY 
ELECTRONIC BANK SERVER EBS WHEN 
ELECTRONIC VALUE AMOUNT IN ABOVE 4 IS 
UPDATED BY ELECTRONIC BANK SERVER EBS. 


6 


CURRENT ELECTRONIC 
VALUE AMOUNT IN 
ELECTRONIC 
BANK ACCOUNT 


CURRENT BALANCE INFORMATION OF I 
ELECTRONIC VALUE IN ELECTRONIC BANK 
ACCOUNT. 


7 


CURRENT 
ELECTRONIC 
VALUE AMOUNT 
IN UIM 


BALANCE INFORMATION OF ELECTRONIC I 
VALUE WHICH SHOULD BE REFLECTED ON 
USER IDENTITY MODULE 1 UIM1. 


8 


Til STAMP AT 
UPDATE OF CURRENT 
ELECTRONIC 
VALUE AMOUNT 


GIVEN DATE AND TIME INFORMATION BY 
ELECTRONIC BANK SERVER EBS WHEN ELECTRONIC 
VALUE AMOUNT IN ABOVE 6 AND 7 IS UPDATED 
BY ELECTRONIC BANK SERVER EBS. 


9 


ELECTRONIC 
VALUE UPDATE 
HISTORY 


UPDATE HISTORY FOR ELECTRONIC VALUE 
AMOUNT IN USER IDENTITY MODULE UIM AT 
THE POINT WHEN MOBILE STATION MS LAST 
ACCESSES ELECTRONIC BANK SERVER EBS. 
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FIG. 5 



SERIAL 
NUMBER 


DATA NAME 


DESCR I PT I ON 


1 


ELECTRONIC BANK 
ID 


ELECTRONIC BANK SERVER EBS 
IDENTIFICATION INFORMATION WHICH 
ISSUED ELECTRONIC VALUE. 


2 


PREPAID CARD ID 


IDENTIFICATION INFORMATION FOR 
PREPAID CARD. 


3 


ELECTRONIC 
VALUE AMOUNT IN 
PREPAID CARD 


BALANCE INFORMATION OF ELECTRONIC 
VALUE IN ELECTRONIC BANK ACCOUNT WHEN 
MS ACCESSES ELECTRONIC BANK SERVER EBS 
AT TRANSACTION END. 


4 


TIME STAMP AT 
UPDATE OF 
ELECTRONIC VALUE 
AMOUNT 


filVFN DATE AND TIME INFORMATION BY 

u 1 v i— im \j r\ \ i_ r\\\u i i i mi v/i\iiin i i vn u i 

ELECTRONIC BANK SERVER EBS WHEN 
ELECTRONIC VALUE AMOUNT IN ABOVE 3 
IS UPDATED BY ELECTRONIC BANK SERVER 
EBS. 


5 


CURRENT 
ELECTRONIC VALUE 
AMOUNT IN PREPAID 
CARD 


BALANCE INFORMATION OF ELECTRONIC 
VALUE IN CURRENT PREPAID CARD. 


6 


TIME STAMP AT 
UPDATE OF CURRENT 
ELECTRONIC 
VALUE AMOUNT 


GIVEN DATE AND TIME INFORMATION BY 
ELECTRONIC BANK SERVER EBS WHEN 
ELECTRONIC VALUE AMOUNT IN ABOVE 5 IS 
UPDATED BY ELECTRONIC BANK SERVER EBS. 


7 


ELECTRONIC 
VALUE UPDATE 
HISTORY 


UPDATE HISTORY FOR ELECTRONIC VALUE 
AMOUNT IN PREPAID CARD AT THE POINT 
WHEN MOBILE STATION MS OWNED BY 
PREPAID CARD PC OWNER LAST ACCESSES 
ELECTRONIC BANK SERVER EBS. 
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FIG. 6 
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FIG. 7 



SERIA 
NUHBE 


r\ATA MAMC 

DATA NAME 


nrp/in 1 DT 1 AM 

DtSGK 1 r I 1 ON 


1 


PRIVATE 
SIGNATURE KEY 


PRIVATE KEY FOR DIGITALLY SIGNING TO 
DATA WHICH ELECTRONIC BANK SERVER 
EBS TRANSMITS 


2 


PRIVATE 
DECRYPTION KEY 


PRIVATE KEY FOR DECRYPTING AN. 
ENCRYPTED MESSAGE WHICH ELECTRONIC 
BANK SERVER EBS RECEIVES 


3 


EB SIGNATURE 
VERIFICATION 
CERTIFICATE 


CERTIFICATE FOR PUBLIC KEY TO VERIFY 
DIGITAL SIGNATURE GIVEN BY ELECTRONIC 
BANK SERVER EBS 


4 


ENCRYPTION 
CERTIFICATE 
FOR EB 


CERTIFICATE FOR PUBLIC KEY TO 
ENCRYPT DATA TO TRANSMIT TO 
ELECTRONIC BANK SERVER EBS 


5 


OA oluNAIUKt 

VERIFICATION 
CERTIFICATE 


CERTIFICATE FOR PUBLIC KEY FOR 
VERIFYING DIGITAL SIGNATURES 
PROVIDED ON VARIOUS CERTIFICATES BY 
CERTIFICATE AUTHORITY SERVER CA. 


6 


USER ID 


IDENTIFICATION INFORMATION FOR MOBILE 
STATION MS USER 


7 


ELECTRONIC 

VALUE 
INFORMATION 


INFORMATION ON USER IDENTITY MODULE 
1 UIM1 AND ELECTRONIC VALUE IN 
ELECTRONIC BANK ACCOUNT 
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FIG: 8 



SERIA 

vl.iv i n 

NUMBEf 


DATA NAME 


DESCRIPTION 


1 


ELECTRONIC BANK 
ID 


IDENTIFICATION INFORMATION TO 
SPECIFY ELECTRONIC BANK WHICH ISSUED 
ELECTRONIC VALUE. 


2 


ELECTRONIC 
PURSE TYPE 


INFORMATION TO SHOW TYPE WHETHER 
ELECTRONIC PURSE IS USER IDENTITY 
MODULE 1 U 1 Ml OR PREPAID CARD PC. 


3 


ELECTRONIC BANK 
ACCOUNT NUMBER 


IDENTIFICATION INFORMATION TO SPECIFY 
ELECTRONIC BANK ACCOUNT IN ELECTRONIC 
BANK SERVER EBS J 


4 


ELECTRONIC BANK 
SIGNATURE SGN1 


DIGITAL SIGNATURE GIVEN BY 
ELECTRONIC BANK SERVER EBS TO 
GUARANTEE ABOVE 1 -3 ARE NOT 
MANIPULATED 


5 


ELECTRONIC 
VALUE AMOUNT IN 
ELECTRONIC BANK 
ACCOUNT 


BALANCE INFORMATION OF ELECTRONIC 
VALUE IN ELECTRONIC BANK ACCOUNT WHEN 
MOBILE STATION MS ACCESSES ELECTRONIC 
BANK SERVER EBS AT TRANSACTION END. 


6 


ELECTRONIC 
VALUE AMOUNT IN 
UIM 


BALANCE INFORMATION OF ELECTRONIC VALUE I 
STORED IN USER IDENTITY MODULE 1 UIM1 WHEN 
MOBILE STATION MS ACCESSES ELECTRONIC BANK 
SERVER EBS AT TRANSACTION END. 


7 


TIME STAMP AT 
UPDATE OF 
ELECTRONIC 

VALUE AMOUNT 


GIVEN DATE AND TIME INFORMATION BY 1 
ELECTRONIC BANK SERVER EBS WHEN | 
ELECTRONIC VALUE AMOUNT IN USER 
IDENTITY MODULE 1 UIM1 IS UPDATED. 


8 


ELECTRONIC BANK 
SIGNATURE SGN2 


DIGITAL SIGNATURE GIVEN BY 
ELECTRONIC BANK SERVER EBS TO 
GUARANTEE ABOVE 1-3 AND 5-7 ARE 
NOT MANIPULATED 


9 


CURRENT 
ELECTRONIC 
VALUE AMOUNT 


CURRENT BALANCE INFORMATION OF 
ELECTRONIC VALUE IN USER IDENTITY 
MODULE 1 UIM1. | 


10 


ELECTRONIC 
VALUE UPDATE 
HISTORY 


UPDATE HISTORY OF ELECTRONIC VALUE IN 
USER IDENTITY MODULE 1 UIM1 AT THE j 
POINT WHEN MOBILE STATION MS LAST 
ACCESSES ELECTRONIC BANK SERVER EBS. | 



29 



EP 1 221 669 A1 



FIG. 9 



SERIAL 
NUMBER 


DATA NAME 


DESCRIPTION 


1 


RECIPIENT 
ELECTRONIC BANK 
ACGUUN I NUlViDtrc 


ELECTRONIC BANK ACCOUNT NUMBER FOR 
PERSON WHO RECEIVES ELECTRONIC 

VAI 1 IF 


2 


PAYER ELECTRONIC 
BANK ACCOUNT 
NUMBER 


ELECTRONIC BANK ACCOUNT NUMBER FOR 
PERSON WHO PAYS ELECTRONIC VALUE. 


3 


PAYER 
PREPAID CARD ID 


PREPAID CARD ID WHEN ELECTRONIC 
VALUE IS PAID BY PREPAID CARD. 


4 


TRANSACTED VALUE 
AMOUNT 


TRANSACTED VALUE AMOUNT TRANSACTED 
BETWEEN RECIPIENT AND PAYER OF 
ELECTRONIC VALUE 


5 


TRANSACTION 
PARTNER DIGITAL 
SIGNATURE 


DIGITAL SIGNATURE FOR TRANSACTION 
PARTNER 




FIG AO 


SERIAL 
NUMBER 


DATA NAME 


DESCRIPTION 


1 


EB SIGNATURE 
VERIFICATION 
CERTIFICATE 


CERTIFICATE FOR PUBLIC KEY TO 
VERIFY DIGITAL SIGNATURE GIVEN BY 
ELECTRONIC BANK SERVER EBS 


2 


ENCRYPTION 
CERTIFICATE 
FOR EB 


CERTIFICATE FOR PUBLIC KEY TO 
ENCRYPT DATA TO TRANSMIT TO 
ELECTRONIC BANK SERVER EBS 


0 


CA SIGNATURE 
VERIFICATION 
CERTIFICATE 


CERTIFICATE FOR PUBLIC KEY FOR 
VERIFYING DIGITAL SIGNATURES 
PROVIDED ON VARIOUS CERTIFICATES BY 
CERTIFICATE AUTHORITY SERVER CA. 


4 


ELECTRONIC VALUE 
INFORMATION 


INFORMATION ON ELECTRONIC VALUE IN 
PREPAID CARD. 
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FIG. 11 



SERIAL 
NUMBER 


DATA NAME 


DESCRIPTION 


1 


ELECTRONIC 
BANK ID 


IDENTIFICATION INFORMATION TO 
IDENTIFY ELECTRONIC BANK SERVER EBS 
WHICH ISSUED ELECTRONIC VALUE. 


2 


ELECTRONIC 
PURSE TYPE 


IMPHRMATIDM Tfi SHOW TYPF M/HFTHFR 

ELECTRONIC PURSE IS USER IDENTITY 
MODULE 1 UIM1 OR PREPAID CARD PC. 


3 


PREPAID CARD ID 


IDENTIFICATION INFORMATION TO SPECIFY 
PREPAID CARD PC. 


4 


ELECTRONIC BANK 
SIGNATURE SGN3 


DIGITAL SIGNATURE GIVEN BY 
ELECTRONIC BANK SERVER EBS TO 
GUARANTEE ABOVE 1-3 ARE NOT 
MANIPULATED. 


5 


ELECTRONIC 
VALUE AMOUNT IN 
PREPAID CARD 


BALANCE INFORMATION OF ELECTRONIC 
VALUE STORED IN PREPAID CARD PC WHEN 
MOBILE STATION MS OWNED BY PREPAID 
CARD PC OWNER ACCESSES ELECTRONIC BANK 
SERVER EBS AT TRANSACTION END. 


0 


TIME STAMP AT 
UPDATE OF 
ELECTRONIC 

VALUE AMOUNT 


GIVEN DATE AND TIME INFORMATION BY 
ELECTRONIC BANK SERVER EBS WHEN 
ELECTRONIC VALUE AMOUNT IN ABOVE 4 IS 
UPDATED BY ELECTRONIC BANK SERVER EBS. 


7 
# 


ELECTRONIC BANK 
SIGNATURE SGN4 


DIGITAL SIGNATURE GIVEN BY 
ELECTRONIC BANK SERVER EBS TO 
GUARANTEE ABOVE 1—3 AND 5 — 7 ARE 
NOT MANIPULATED. 


8 


CURRENT 
ELECTRONIC 
VALUE AMOUNT 


CURRENT ELECTRONIC VALUE AMOUNT IN 
PREPAID CARD PC. 


9 


ELECTRON I C 
VALUE UPDATE 
HISTORY 


UPDATE HISTORY OF ELECTRONIC VALUE 
AMOUNT IN PREPAID CARD PC AT THE 
POINT WHEN MOBILE STATION MS LAST 
ACCESSES ELECTRONIC BANK SERVER EBS. 
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FIG. 17 
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FIG. 18 
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